|
1081
|
- |
|
-
|
-
|
An Improper Access Control vulnerability has been found in EmbedAI
2.1 and below. This vulnerability allows an authenticated attacker to write messages into other users chat by changing the paramet…
|
CWE-284
CWE-863
Improper Access Control
Incorrect Authorization
|
CVE-2025-0741
|
2025-01-30 23:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1082
|
- |
|
-
|
-
|
The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-13706
|
2025-01-30 23:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1083
|
- |
|
-
|
-
|
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the sof…
|
CWE-94
Code Injection
|
CVE-2024-13453
|
2025-01-30 23:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1084
|
- |
|
-
|
-
|
The Simple:Press Forum plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 6.10.11 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-12409
|
2025-01-30 23:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1085
|
- |
|
-
|
-
|
A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.
|
CWE-269
CWE-276
Improper Privilege Management
Incorrect Default Permissions
|
CVE-2025-23007
|
2025-01-30 23:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1086
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipu…
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2025-0870
|
2025-01-30 22:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1087
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Cianet ONU GW24AC up to 20250127. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0869
|
2025-01-30 22:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1088
|
- |
|
-
|
-
|
A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the"/embedai/users/show…
|
CWE-79
Cross-site Scripting
|
CVE-2025-0746
|
2025-01-30 21:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1089
|
- |
|
-
|
-
|
An Improper Access Control vulnerability has been found in EmbedAI
2.1 and below. This vulnerability allows an authenticated attacker to obtain chat messages belonging to other users by changing th…
|
CWE-284
Improper Access Control
|
CVE-2025-0740
|
2025-01-30 20:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1090
|
- |
|
-
|
-
|
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing th…
|
CWE-284
Improper Access Control
|
CVE-2025-0739
|
2025-01-30 20:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
