5 matches found

Snyk
added 2025/07/11 3:31 p.m. | 2 views

Command Injection

Overview: james-heinrich/phpthumb is the PHP thumbnail generator. Affected versions of this package are vulnerable to Command Injection via the gifoutputAsJpeg function in the phpthumb.gif.php file. An attacker can execute arbitrary operating system commands by supplying a specially crafted parameter...

CVSS 4.9 | AI score 7.9 | EPSS 0.00541
Exploits: 0 | References: 2
CNNVD
added 2025/03/02 12:0 a.m. | 0 views

PixSoft Pixsoft E-Saphira injection vulnerability

PixSoft Pixsoft E-Saphira is an application from PixSoft, Inc. An injection vulnerability exists in PixSoft Pixsoft E-Saphira version 1.7.24. An attacker can exploit the vulnerability to remotely execute code...

CVSS 7.5 | AI score 7.7 | EPSS 0.00029
Exploits: 0 | References: 6
OSV
added 2023/05/17 12:15 a.m. | 1 views

CVE-2023-2528

The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions vi...

CVSS 8.8 | AI score 7.3
Exploits: 0 | References: 3
CNNVD
added 2023/05/16 12:0 a.m. | 2 views

WordPress plugin Contact Form by Supsystic cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin Contact Form by Supsystic...

CVSS 8.8 | AI score 8.1 | EPSS 0.00203
Exploits: 0 | References: 5
Github Security Blog
added 2021/11/01 7:17 p.m. | 27 views

Cross-Site Scripting in grav

grav prior to version 1.7.24 is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

CVSS 6.3 | AI score 5.6 | EPSS 0.00261
Exploits: 1 | References: 4 | Affected Software: 1