Kategori: NIST-Güvenlik Açıkları

CVE-2021-42358

The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ~/cfwc-form.php file during contact form…

Devamını oku

CVE-2021-42364

The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the stats_page function found in the ~/stetic.php file, which…

Devamını oku

CVE-2021-42365

The Asgaros Forums WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the name parameter found in the ~/admin/tables/admin-structure-table.php file which…

Devamını oku

CVE-2021-39995

Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could…

Devamını oku

CVE-2021-43691

An unspecified version of tripexpress is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src is coming from $_SERVER["argv"] then there is…

Devamını oku