Nezha Monitoring: Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members
Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron
Arcane: Missing admin authorization on global variables endpoint
aiograpi: Unsafe signup challenge path handling
Parse Server: Pre-authentication denial of service via client version header regex backtracking
Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check)
Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification
Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance
YesWiki: Unauthenticated SQL Injection
ImageMagick: Heap Buffer Over-Read in distributed pixel cache server
ImageMagick: Information Disclosure in distributed pixel cache server because it is not using a challenge–response authentication model
ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking
ImageMagick: Heap Buffer Over-Write in distributed pixel cache server
STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to conduct a Man-In-The-Middle attack and obtain sensitive data such as passwords, personal data, or authentication tokens. This issue was fixed in version 9.5.
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version 9.5.
A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any other data that the app...
The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...
The Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrite or de...
The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playlist ID via the audioigniter_playlist_id query var or ...