Details
Software: WP ULike
Version: 2.8.1,3.1
Homepage: https://wordpress.org/plugins/wp-ulike/
Advisory report: https://advisories.dxw.com/advisories/wp-ulike-delete-rows/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:N/I:P/A:P)
Description
WP
Details
Software: WP ULike
Version: 2.8.1,3.1
Homepage: https://wordpress.org/plugins/wp-ulike/
Advisory report: https://advisories.dxw.com/advisories/stored-xss-wp-ulike/
CVE: Awaiting assignment
CVSS: 6.4 (Medium; AV:N/AC:L/Au:N/C:P/I:P/A:N)
Description
Stored
SEC Consult Vulnerability Lab Security Advisory < 20180514-0 >
===
title: Arbitrary File Upload & Cross-site scripting
product: MyBiz MyProcureNet
vulnerable version: 5.0.0
fixed versio
Well, the formatting could have been better, I guess:
Vulnerabilities in IBMs Flashsystems and Storwize Products
-
Introduction
Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem
900
"ProjectPier is a Free, Open-Source, PHP application for managing tasks,
projects and teams through an intuitive web interface."
https://github.com/Project-Pier
https://sourceforge.net/projects/projectpier/
I reached out to the vendor via several channels to report the findings
below, but