Show filters
917 Total Results
Displaying 41-50 of 917
Sort by:
Attacker Value
Unknown

CVE-2025-21393

Disclosure Date: January 14, 2025 (last updated January 18, 2025)
Microsoft SharePoint Server Spoofing Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2025-21348

Disclosure Date: January 14, 2025 (last updated January 22, 2025)
Microsoft SharePoint Server Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2025-21344

Disclosure Date: January 14, 2025 (last updated January 22, 2025)
Microsoft SharePoint Server Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2025-22137

Disclosure Date: January 08, 2025 (last updated January 09, 2025)
Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via HTTP POST requests. The issue has been patched in version 1.4.0.
0
0
Attacker Value
Unknown

CVE-2025-22319

Disclosure Date: January 07, 2025 (last updated January 08, 2025)
Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47.
0
0
Attacker Value
Unknown

CVE-2024-12449

Disclosure Date: December 18, 2024 (last updated December 18, 2024)
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_player_html' shortcode in all versions up to, and including, 2.6.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-55982

Disclosure Date: December 16, 2024 (last updated December 18, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in richteam Share Buttons – Social Media allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through 1.0.2.
0
0
Attacker Value
Unknown

CVE-2024-54405

Disclosure Date: December 16, 2024 (last updated December 18, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Social Share allows Stored XSS.This issue affects ECT Social Share: from n/a through 1.3.
0
0
Attacker Value
Unknown

CVE-2023-38514

Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in social share pro Social Share Icons & Social Share Buttons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Share Icons & Social Share Buttons: from n/a through 3.5.7.
0
0
Attacker Value
Unknown

CVE-2023-34009

Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a through 2.8.1.
0
0
View More Topics  < Previous  Next >