11 matches found
CVE-2020-36842
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvividuploadimportfiles and wpvividuploadfiles AJAX actions that allows low-level authenticated attackers to upload zip files that can be subsequently...
CVE-2020-36842
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvividuploadimportfiles and wpvividuploadfiles AJAX actions that allows low-level authenticated attackers to upload zip files that can be subsequently...
CVE-2020-36835
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wpajaxwpvividaddremote AJAX action that allows low-level authenticated attackers to send back-ups to a remote...
WordPress plugin Migration, Backup, Staging – WPvivid 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Migration,...
WordPress plugin Migration, Backup, Staging – WPvivid 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Migration,...
PT-2024-10852 · WordPress · Wpvivid
Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging – WPvivid plugin for WordPress versions up to, and including 0.9.35 Description: The issue is related to arbitrary file uploads due to a missing capability check on the wpvivid upload import files and wpvivid upload...
OneNav 安全漏洞
OneNav is a minimalist navigation/bookmark management system developed using PHP. A security vulnerability exists in OneNav version v0.9.35-20240318, which stems from a Server Request Forgery SSRF vulnerability in component/index.php...
PT-2024-25503 · Onenav · Onenav
Name of the Vulnerable Software and Affected Versions: OneNav version 0.9.35-20240318 Description: The issue is related to a Server-Side Request Forgery SSRF in the component "/index.php?c=api&method=get link info". This allows for potential unauthorized access to internal resources...
yard Security breach
yard is a documentation generation tool for the Ruby programming language. A security vulnerability exists in versions prior to yard 0.9.35, which stems from insufficient cleaning of user input and makes it susceptible to cross-site scripting XSS attacks...
CVE-2016-5100
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value...
[ MDVSA-2014:087 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:087 http://www.mandriva.com/en/support/security/ Package : php Date : May 15, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in php: PHP FPM in PHP...