CVE-2022-1558 : Multiple Stored Cross-Site Scripting vulnerabilities in WordPress curtain plugin 1.0.2

Description

Several Cross-Site Scripting vulnerabilities in the Curtain WordPress plugin. Due to these Cross-Site Scripting vulnerabilities, an attacker would be able to steal cookies, hijack sessions’ or control the browser of the victim.

For more information

http://thelittersitter.com/wordless-wednesday-lea-the-golden-retriever-puppy/dog-seat https://packetstormsecurity.com/files/166839/

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-2558 : TENDA AC18 15.03.05.05 /GOFORM/EXECCOMMAND FORMEXECOMMAND CMDINPUT STACK-BASED OVERFLOW

CVE-2024-2558 : TENDA AC18 15.03.05.05 /GOFORM/EXECCOMMAND FORMEXECOMMAND CMDINPUT STACK-BASED OVERFLOW

Description A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function

CVE-2024-28746 : APACHE AIRFLOW 2.8.0/2.8.1/2.8.2 UI IMPROPER AUTHENTICATION

CVE-2024-28746 : APACHE AIRFLOW 2.8.0/2.8.1/2.8.2 UI IMPROPER AUTHENTICATION

Description Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access

CVE-2024-2413 : INTUMIT SMARTROBOT UP TO 6.1.2-202212TW HARD-CODED KEY

CVE-2024-2413 : INTUMIT SMARTROBOT UP TO 6.1.2-202212TW HARD-CODED KEY

Description Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string