Browse all 4 CVE security advisories affecting sc0ttkclark. AI-powered Chinese analysis, POCs, and references for each vulnerability.
sc0ttkclark is a security researcher focused on identifying vulnerabilities in web applications and open-source software. Their work primarily centers on uncovering remote code execution, cross-site scripting, and privilege escalation flaws across various platforms. With four CVEs recorded, they demonstrate a consistent pattern of exposing critical security weaknesses in widely used systems. While no major public incidents are directly attributed to their findings, their contributions highlight persistent risks in software supply chains and content management frameworks. Their research typically emphasizes practical exploitation paths, often targeting authentication mechanisms and data validation processes to highlight real-world attack vectors.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-3956 | Pods – Custom Content Types and Fields <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pod Form Redirect URL | Pods – Custom Content Types and Fields | CWE-79 | 5.4 | Medium | 2024-05-10 |
| CVE-2023-6999 | Pods - Custom Content Types and Fields - Authenticated (Contributor+) Remote Code Execution | Pods – Custom Content Types and Fields | CWE-77 | 8.8 | High | 2024-04-09 |
| CVE-2023-6965 | Pods - Custom Content Types and Fields - Missing Authorization | Pods – Custom Content Types and Fields | CWE-862 | 4.3 | Medium | 2024-04-09 |
| CVE-2023-6967 | Pods - Custom Content Types and Fields - Authenticated (Contributor+) SQL Injection via Shortcode | Pods – Custom Content Types and Fields | CWE-89 | 8.8 | High | 2024-04-09 |

This page lists every published CVE security advisory associated with sc0ttkclark. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.