jeudi 19 septembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Siemens SIMATIC TDC CP51M1 up to 1.1.6 UDP Packet denial of service

A vulnerability was found in Siemens SIMATIC TDC CP51M1 up to 1.1.6. It has been classified as problematic. This affects an unknown functionality of the component UDP Packet Handler. Upgrading to version 1.1.7 eliminates this vulnerability.
Auteur: VulDB

Aruba ArubaOS Mobility Controller IP Packet privilege escalation

A vulnerability was found in Aruba ArubaOS (affected version not known) and classified as critical. Affected by this issue is an unknown function of the component Mobility Controller. There is no information about possible countermeasures known....
Auteur: VulDB

kama-clic-counter Plugin up to 3.4.x on WordPress cross site scripting

A vulnerability has been found in kama-clic-counter Plugin up to 3.4.x on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is some unknown processing. Upgrading to version 3.5.0 eliminates this...
Auteur: VulDB

kama-clic-counter Plugin 3.4.9 on WordPress admin.php order sql injection

A vulnerability, which was classified as critical, was found in kama-clic-counter Plugin 3.4.9 on WordPress (WordPress Plugin). Affected is an unknown code block of the file admin.php. There is no information about possible countermeasures known....
Auteur: VulDB

trust-form Plugin 2.0 on WordPress admin.php page cross site scripting

A vulnerability, which was classified as problematic, has been found in trust-form Plugin 2.0 on WordPress (WordPress Plugin). This issue affects an unknown code of the file wp-admin/admin.php?page=trust-form-edit. There is no information about...
Auteur: VulDB

wp-whois-domain Plugin 1.0.0 on WordPress pages/func-whois.php cross site scripting

A vulnerability classified as problematic was found in wp-whois-domain Plugin 1.0.0 on WordPress (WordPress Plugin). This vulnerability affects an unknown part of the file pages/func-whois.php. There is no information about possible...
Auteur: VulDB

cysteme-finder Plugin up to 1.3 on WordPress File Upload Session privilege escalation

A vulnerability classified as critical has been found in cysteme-finder Plugin up to 1.3 on WordPress (WordPress Plugin). This affects some unknown functionality of the component File Upload. Upgrading to version 1.4 eliminates this vulnerability.
Auteur: VulDB

Neosense Theme up to 1.7 on WordPress qquploader File Upload privilege escalation

A vulnerability was found in Neosense Theme up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is an unknown functionality of the component qquploader. Upgrading to version 1.8 eliminates this vulnerability.
Auteur: VulDB

Headway Theme up to 3.8.8 on WordPress License Key cross site scripting

A vulnerability was found in Headway Theme up to 3.8.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component License Key Handler. Upgrading to version 3.8.9 eliminates this...
Auteur: VulDB

quotes-collection Plugin up to 2.0.5 on WordPress admin.php page cross site scripting

A vulnerability was found in quotes-collection Plugin up to 2.0.5 on WordPress. It has been classified as problematic. Affected is some unknown processing of the file wp-admin/admin.php?page=quotes-collection. Upgrading to version 2.0.6...
Auteur: VulDB

fs-shopping-cart Plugin 2.07.02 on WordPress pid sql injection

A vulnerability was found in fs-shopping-cart Plugin 2.07.02 on WordPress and classified as critical. This issue affects an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

sirv Plugin up to 1.3.1 on WordPress id sql injection

A vulnerability has been found in sirv Plugin up to 1.3.1 on WordPress and classified as critical. This vulnerability affects an unknown code. Upgrading to version 1.3.2 eliminates this vulnerability.
Auteur: VulDB

Relevanssi Premium Plugin up to 1.14.6.0 on WordPress Unserialization sql injection

A vulnerability, which was classified as critical, was found in Relevanssi Premium Plugin up to 1.14.6.0 on WordPress. This affects an unknown part of the component Unserialization. Upgrading to version 1.14.6.1 eliminates this vulnerability.
Auteur: VulDB

Post Indexer Plugin up to 3.0.6.1 on WordPress unserialize privilege escalation

A vulnerability, which was classified as critical, has been found in Post Indexer Plugin up to 3.0.6.1 on WordPress. Affected by this issue is the function unserialize. Upgrading to version 3.0.6.2 eliminates this vulnerability.
Auteur: VulDB

Post Indexer Plugin up to 3.0.6.1 on WordPress period sql injection

A vulnerability classified as critical was found in Post Indexer Plugin up to 3.0.6.1 on WordPress. Affected by this vulnerability is an unknown functionality. Upgrading to version 3.0.6.2 eliminates this vulnerability.
Auteur: VulDB

wp-d3 Plugin up to 2.4.0 on WordPress cross site request forgery

A vulnerability classified as critical has been found in wp-d3 Plugin up to 2.4.0 on WordPress. Affected is an unknown function. Upgrading to version 2.4.1 eliminates this vulnerability.
Auteur: VulDB

PageLines Theme 1.1.4 on WordPress admin-post.php cross site request forgery

A vulnerability was found in PageLines Theme 1.1.4 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file wp-admin/admin-post.php?page=pagelines. There is no information about possible...
Auteur: VulDB

multisite-post-duplicator Plugin up to 1.1.2 on WordPress tools.php cross site request forgery

A vulnerability was found in multisite-post-duplicator Plugin up to 1.1.2 on WordPress. It has been declared as critical. This vulnerability affects an unknown code block of the file wp-admin/tools.php?page=mpd. Upgrading to version 1.1.3...
Auteur: VulDB

zx-csv-upload Plugin 1 on WordPress id sql injection

A vulnerability was found in zx-csv-upload Plugin 1 on WordPress. It has been classified as critical. This affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

podlove-podcasting-plugin-for-wordpress Plugin up to 2.3.15 on WordPress insert_id sql injection

A vulnerability was found in podlove-podcasting-plugin-for-wordpress Plugin up to 2.3.15 on WordPress (WordPress Plugin) and classified as critical. Affected by this issue is an unknown part. Upgrading to version 2.3.16 eliminates this...
Auteur: VulDB

podlove-podcasting-plugin-for-wordpress Plugin up to 2.3.15 on WordPress cross site scripting

A vulnerability has been found in podlove-podcasting-plugin-for-wordpress Plugin up to 2.3.15 on WordPress and classified as problematic. Affected by this vulnerability is some unknown functionality. Upgrading to version 2.3.16 eliminates this...
Auteur: VulDB

zm-gallery Plugin 1.0 on WordPress order sql injection

A vulnerability, which was classified as critical, was found in zm-gallery Plugin 1.0 on WordPress. Affected is an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

xtremelocator Plugin 1.5 on WordPress id sql injection

A vulnerability, which was classified as critical, has been found in xtremelocator Plugin 1.5 on WordPress. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

copy-me Plugin 1.0.0 on WordPress cross site request forgery

A vulnerability classified as problematic was found in copy-me Plugin 1.0.0 on WordPress. This vulnerability affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the...
Auteur: VulDB

Integard Pro/Home 2.0/2.2 Web Server Long Password Code Execution memory corruption

A vulnerability classified as critical has been found in Integard Pro and Home 2.0/2.2. This affects an unknown code block of the component Web Server. Upgrading to version 2.0.0.9037 or 2.2.0.9037 eliminates this vulnerability.
Auteur: VulDB
First45678910111213Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

BLOCKCHAIN

Conférence et exposition sur les applications d'entreprise de la blockchain à Paris, cité universitaire internationale, les 13 et 14 novembre 2019. Organisés par Corp Agency.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS