High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| Novel-Plus–Novel-Plus | A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-04-28 | 7.3 | CVE-2025-4019 |
| a3rev–Page View Count |
The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellow_message_dontshow() function in versions 2.8.0 to 2.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to one on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration. | 2025-05-01 | 8.1 | CVE-2025-2816 |
| ABB–ANC |
: Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4. | 2025-04-30 | 7.3 | CVE-2024-9876 |
| ABB–A […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins
Read the original article: Post navigation |