Vulnerabilities

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bpf: Use correct permission flag for mixed signed bounds arithmetic<br /> <br /> We forbid adding unknown scalars with mixed signed bounds due to the<br /> spectre v1 masking mitigation. Hence this also needs bypass_spec_v1<br /> flag instead of allow_ptr_leaks.

The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the &amp;#39;type&amp;#39; parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the apply_layout function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve arbitrary order data which may contain PII.

The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the get_text_editor_content() function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute arbitrary shortcodes.

Should an instance of AnythingLLM be hosted on an internal network and the attacked be explicitly granted a permission level of manager or admin, they could link-scrape internally resolving IPs of other services that are on the same network as AnythingLLM.<br /> <br /> This would require the attacker also be able to guess these internal IPs as `/*` ranging is not possible, but could be brute forced.<br /> <br /> There is a duty of care that other services on the same network would not be fully open and accessible via a simple CuRL with zero authentication as it is not possible to set headers or access via the link collector.

The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin&amp;#39;s Post Type Grid Widget Title in all versions up to, and including, 2.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module, CC-Link IE TSN Analog-Digital Converter Module, CC-Link IE TSN Digital-Analog Converter Module, CC-Link IE TSN - CC-Link IE Field Network Bridge Module, CC-Link IE TSN - AnyWireASLINK Bridge Module, CC-Link IE TSN FPGA Module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Motion Module, MELSEC iQ-L Motion Module, MELSEC iQ-F FX5 Motion Module, MELSEC iQ-F Series CPU module, MELSEC iQ-F Series Ethernet module, MELSEC iQ-F Series Ethernet/IP module, MELSEC iQ-F Series OPC UA Module, MELSEC iQ-F Series CC-Link IE TSN master/local module, GOT2000 Series CC-Link IE TSN Communication Unit, FR-A800-E series inverters, FR-F800-E series inverters, FR-E800-E series inverters, INVERTER CC-Link IE TSN Plug-in option, INVERTER CC-Link IE TSN Safety Plug-in option, INVERTER CC-Link IE TSN communication function built-in type, MR-J5 series AC Servos MELSERVO, MR-JET series AC Servos MELSERVO, MR-MD333G series AC Servos MELSERVO, MR-JE series AC Servos MELSERVO, MELSERVO-J4 AC Servos MELSERVO and Embedded Type Servo System Controller allow a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN Flood attack.

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update.

Code-projects Simple Stock System 1.0 is vulnerable to SQL Injection.

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via BookSBIN.

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via PublisherID.

SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script.