CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51819 – WordPress Tigris Flexplatform plugin <=1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-51819
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tigris – Flexplatform Tigris Flexplatform allows Stored XSS.This issue affects Tigris Flexplatform: from n/a through .0.2. The Tigris Flexplatform plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/tigris-flexplatform/wordpress-tigris-flexplatform-plugin-1-0-2-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 2CVE-2024-31497
https://notcve.org/view.php?id=CVE-2024-31497
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. • https://github.com/sh1k4ku/CVE-2024-31497 https://github.com/HugoBond/CVE-2024-31497-POC http://www.openwall.com/lists/oss-security/2024/04/15/6 https://bugzilla.redhat.com/show_bug.cgi?id=2275183 https://bugzilla.suse.com/show_bug.cgi?id=1222864 https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty https://filezilla-project.org/versions.php https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=sim • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 9.3EPSS: 0%CPEs: 99EXPL: 0CVE-2010-3199
https://notcve.org/view.php?id=CVE-2010-3199
Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default. Vulnerabilidad ruta de búsqueda no confiable en TortoiseSVN v1.6.10, Build 19898 y anteriores, permite ejecutar codigo de sue eleccion a usuarios locales, y posiblemente a atacantes remotos también llevar a cabo ataques a través de secuestro de archivo DLL a través del caballo de troya dwmapi.dll que se encuentra en la misma carpeta que el archivo que está tratando de procesar Tortoise. NOTE: Esta vulnerabilidad se produce cuando una extensión de fichero está asociada con TortoiseProc o TortoiseMerge, lo que no está configurado por defecto. • http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163 http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc http://www.securityfocus.com/archive/1/513442/100/0/threaded http://www.securityfocus.com/archive/1/513463/100/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 2CVE-2008-5920 – WebSVN 2.0 - Cross-Site Scripting / File Handling / Code Execution
https://notcve.org/view.php?id=CVE-2008-5920
The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch. La función create_anchors en utils.inc en WebSVN v1.x permite a atacantes remotos ejecutar código PHP de su elección a través de nombres de usuario manipulados que es procesado por la función preg_replace con el switch "eval". • https://www.exploit-db.com/exploits/6822 http://securityreason.com/securityalert/4928 http://www.gulftech.org/?node=research&article_id=00132-10202008 http://www.securityfocus.com/bid/31891 https://exchange.xforce.ibmcloud.com/vulnerabilities/48168 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0240
https://notcve.org/view.php?id=CVE-2009-0240
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter. listing.php en WebSVN 2.0 y posiblemente 1.7 beta, cuando utilizan un fichero SVN authz, permite a usuarios autenticados remotamente leer changelogs o diffs para proyectos restringidos a través del parámetro modificado "repname". • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512191 http://secunia.com/advisories/32338 http://secunia.com/advisories/33945 http://secunia.com/advisories/34191 http://www.debian.org/security/2009/dsa-1725 http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml http://www.openwall.com/lists/oss-security/2009/01/18/2 https://exchange.xforce.ibmcloud.com/vulnerabilities/48171 • CWE-264: Permissions, Privileges, and Access Controls •