5 matches found
CVE-2020-17386
Cellopoint Cellos/CelloOS vulnerability CVE-2020-17386: improper validation of URL input allows an authenticated user to tamper with a URL parameter via cookies and access arbitrary files on the system (SSRF). Affected product/version: Cellopoint CelloOS/Cellos v4.1.10 Build 20190922. Impact indi...
CVE-2019-17386
The CVE-2019-17386 entry documents a CSRF vulnerability in the WordPress plugin Animate It! (before version 2.3.6), specifically in the edsanimate.php file. The issue allows unauthorized cross-site requests to be made from an affected client, as described in multiple sources. Connected documents ...
CVE-2018-17386
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATHINFO to mydeals/ or listdeals/...
CVE-2018-17386
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATHINFO to mydeals/ or listdeals/...
CVE-2018-17386
CVE-2018-17386 : The Joomla! Micro Deal Factory 2.4.0 component contains a SQL injection vulnerability via the id parameter or PATH_INFO routes (mydeals/ or listdeals/). Attackers could potentially execute arbitrary SQL commands against the underlying database. The description is consistently rep...