WordPress Shipment Tracker for Woocommerce plugin <= 1.5.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Shipment Tracker for Woocommerce versions = 1.5.3.2...

CVE-2007-0381

ATutor 1.5.3.2 contains multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via unspecified parameters. The underlying issue is not detailed in the provided documents beyond the vendor-fixed note; no exploitation details are given. The CVE entry in...

CVE-2006-5734

Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 section parameter in a documentation/common/frametoc.php and b documentation/common/search.php, the 2 reqlang parameter in documentation/common/search.php a...

CVE-2006-5734

The CVE-2006-5734 entry describes multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2, exploitable via untrusted URLs passed to specific parameters (1) section in documentation/common/frame_toc.php and documentation/common/search.php; (2) req_lang in documentation/common/search.p...