RedPacket Security - InfoSec News & Tutorials

Webasyst cross-site scripting | CVE-2024-27517

March 4, 2024

NAME__________Webasyst cross-site scriptingPlatforms Affected:Webasyst Webasyst 2.9.9Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Webasyst is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Categorify plugin for WordPress security bypass | CVE-2024-1650

March 4, 2024

NAME__________Categorify plugin for WordPress security bypassPlatforms Affected:WordPress WordPress WordPress Categorify plugin for WordPress 1.0.7.4Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Categorify plugin for WordPress...

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1906

March 4, 2024

NAME__________Categorify plugin for WordPress cross-side request forgeryPlatforms Affected:WordPress WordPress WordPress Categorify plugin for WordPress 1.0.7.4Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Categorify plugin for...

Categorify plugin for WordPress security bypass | CVE-2024-1649

March 4, 2024

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1909

March 4, 2024

libLAS denial of service | CVE-2024-27507

March 4, 2024

NAME__________libLAS denial of servicePlatforms Affected:libLAS libLAS 1.8.1Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________libLAS is vulnerable to a denial of service, caused by...

Atheme denial of service | CVE-2024-27508

March 4, 2024

NAME__________Atheme denial of servicePlatforms Affected:Atheme Atheme 7.2.12Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Atheme is vulnerable to a denial of service, caused by...

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1907

March 4, 2024

Sirv plugin for WordPress server-side request forgery | CVE-2024-27949

March 4, 2024

NAME__________Sirv plugin for WordPress server-side request forgeryPlatforms Affected:WordPress WordPress WordPress Sirv Plugin for WordPress 7.2.0Risk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sirv plugin for...

IBM QRadar Suite information disclosure | CVE-2024-22355

March 4, 2024

NAME__________IBM QRadar Suite information disclosurePlatforms Affected:IBM Cloud Pak for Security 1.10.0.0 IBM Cloud Pak for Security 1.10.11.0 IBM QRadar Suite...

Atahualpa Theme for WordPress cross-site request forgery | CVE-2024-27948

March 4, 2024

NAME__________Atahualpa Theme for WordPress cross-site request forgeryPlatforms Affected:WordPress WordPress WordPress Atahualpa theme for WordPress 3.7.24Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Atahualpa Theme for...

Sirv plugin for WordPress security bypass | CVE-2024-27950

March 4, 2024

NAME__________Sirv plugin for WordPress security bypassPlatforms Affected:WordPress WordPress WordPress Sirv Plugin for WordPress 7.2.0Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Sirv plugin for WordPress...

dp-golang security bypass | CVE-2024-27294

March 4, 2024

NAME__________dp-golang security bypassPlatforms Affected:dp-golang dp-golang 1.2.6Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________dp-golang could allow a local authenticated attacker to bypass security restrictions, caused...

Osclass index.php SQL injection | CVE-2024-27515

March 4, 2024

NAME__________Osclass index.php SQL injectionPlatforms Affected:Osclass Osclass 5.1.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Osclass is vulnerable to SQL injection. A remote attacker could send...

IBM QRadar Suite information dislosure | CVE-2023-47742

March 4, 2024

NAME__________IBM QRadar Suite information dislosurePlatforms Affected:IBM Cloud Pak for Security 1.10.0.0 IBM Cloud Pak for Security 1.10.11.0 IBM QRadar Suite...

YARD cross-site scripting | CVE-2024-27285

March 4, 2024

NAME__________YARD cross-site scriptingPlatforms Affected:lsegal yard 0.9.35Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________YARD is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

IBM Engineering Test Management cross-site scripting | CVE-2023-43054

March 4, 2024

NAME__________IBM Engineering Test Management cross-site scriptingPlatforms Affected:IBM Engineering Test Management 7.0.2 IBM Engineering Test Management 7.0.3Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM Engineering...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed