23 matches found
CVE-2024-47369
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpweb Social Auto Poster social-auto-poster allows Reflected XSS. This issue affects Social Auto Poster: from n/a through <= 5.3.15...
CVE-2024-49272
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery. This issue affects Social Auto Poster: from n/a through 5.3.15...
PT-2024-33411 · WordPress · Wpweb Social Auto Poster
Name of the Vulnerable Software and Affected Versions: WPWeb Social Auto Poster versions n/a through 5.3.15. Description: A Cross-Site Request Forgery (CSRF) issue affects WPWeb Social Auto Poster, allowing unauthorized actions to be performed on behalf of a user. This issue can be exploited by...
CVE-2024-47369
CVE-2024-47369 is a reflected XSS vulnerability in the WordPress plugin Social Auto Poster (WPWeb Social Auto Poster/Social Auto Poster). Affected versions are up to 5.3.15 (inclusive); input is not properly neutralized during web-page generation, enabling reflected XSS. The vulnerability has bee...
WordPress plugin Social Auto Poster cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... A cross-site scripting...
PT-2024-32586
Name of the Vulnerable Software and Affected Versions: WPWeb Social Auto Poster versions n/a through 5.3.15. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows Reflected XSS. Recommendations: For versio...
WordPress Social Auto Poster plugin <= 5.3.15 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Bonds (Patchstack Alliance) in WordPress Plugin Social Auto Poster versions <= 5.3.15...
CVE-2024-45398
Contao CMS vulnerability: a back-end user with file-manager access can upload and execute malicious files on the server, enabling remote command execution. Affected range includes Contao 4.x up to 4.13.48, 5.x up to 5.4.2. Remediation recommended by advisories is to upgrade to Contao 4.13.49, 5.3...
PT-2024-31708 · Contao · Contao
Name of the Vulnerable Software and Affected Versions: Contao versions prior to 4.13.49; Contao versions prior to 5.3.15; Contao versions prior to 5.4.3. Description: In affected versions of Contao, an Open Source CMS, an untrusted user can inject insert tags into the canonical tag, which are then...
PT-2024-31602 · Contao · Contao
Name of the Vulnerable Software and Affected Versions: Contao versions prior to 4.13.49; Contao versions prior to 5.3.15; Contao versions prior to 5.4.3. Description: Contao is an Open Source CMS. In affected versions, a back end user with access to the file manager can upload malicious files and...
WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Cross Site Scripting (XSS)
Software: Social Auto Poster; Type: Plugin; Vulnerable versions: <= 5.3.14; Fixed in: 5.3.15; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-6753; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: df6582eddf1d; Credits: István Márton...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in spring-web-5.3.15.jar
Summary: IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of spring-web-5.3.15.jar. Vulnerability Details: CVEID: CVE-2024-22243. DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability...
SUSE CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."...
SUSE CVE-2012-3365
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php...
CVE-2017-6878
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php...
CVE-2017-6878
MetInfo 5.3.15 contains a stored XSS in the admin/column/delete.php endpoint via the name_2 parameter, exploitable by remote authenticated users to inject scripts. PoCs and discussion appear in Seebug and PacketStorm references; no patch or remediation details are provided in the supplied documen...
CMSLogik 1.2.1 - Multiple Vulnerabilities
!/usr/bin/python CMSLogik 1.2.1 uploadfileajax Shell Upload Exploit Vendor: ThemeLogik Product web page: http://www.themelogik.com/cmslogik Affected version: 1.2.1 and 1.2.0 Summary: CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This...
PHP < 5.3.15, 5.4.x < 5.4.5 Buffer Overflow Vulnerability - Windows
PHP is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:php:php"; if description...
PHP 5.3.x < 5.3.15 Multiple Vulnerabilities