Lucene search
K

7 matches found

NVD
NVD
added 2026/07/01 5:16 a.m.6 views

CVE-2026-13443

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Lesson Attachment Title in all versions up to, and including, 3.9.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00206EPSS
Exploits0References8
CVE
CVE
added 2026/07/01 3:43 a.m.11 views

CVE-2026-13443

The CVE-2026-13443 entry concerns the WordPress plugin Tutor LMS (eLearning and online course solution). Affected: all versions up to and including 3.9.13. Issue: Stored Cross-Site Scripting via the Lesson Attachment Title due to insufficient input sanitization and output escaping. Impact: authen...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2019/12/20 12:0 a.m.397 views

Joomla! 2.5.0 - 3.9.13 SQLi Vulnerability

Joomla! is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

9.8CVSS8.9AI score0.01686EPSS
Exploits0References1
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.97 views

Joomla 3.9.13 - Host Header Injection

Joomla 3.9.13 - Host Header Injection Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE ...

Exploits0
0day.today
0day.today
added 2019/11/12 12:0 a.m.405 views

Joomla 3.9.13 - (Host) Header Injection Exploit

Exploit for php platform in category web applications 0day.today 2019-12-04...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.232 views

Joomla 3.9.13 Host Header Injection

Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE : N/A Tested on: Windows 10 PoC curl...

Exploits0
NVD
NVD
added 2019/11/06 2:15 a.m.17 views

CVE-2019-18650

An issue was discovered in Joomla! before 3.9.13. A missing token check in comtemplate causes a CSRF vulnerability...

8.8CVSS8.7AI score0.00452EPSS
Exploits0References1
Rows per page
Query Builder