CVE-2024-8155

A vulnerability classified as critical was found in ContiNew Admin 3.2.0. Affected by this vulnerability is the function top.continew.starter.extension.crud.controller.BaseControllertree of the file /api/system/dept/tree?sort=parentId%2Casc=sort%2Casc. The manipulation of the argument sort leads ...

WordPress WP-Recall plugin < 16.26.12 - Admin+ SQL Injection vulnerability

Admin+ SQL Injection vulnerability discovered by y4ng0615 in WordPress Plugin WP-Recall versions 16.26.12...

WordPress Track Logins plugin <= 1.0 - Admin+ SQL Injection vulnerability

Admin+ SQL Injection vulnerability discovered by Francisco Alisson in WordPress Plugin Track Logins versions = 1.0...

WordPress plugin Track Logins 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Search & Replace < 3.2.2 - Admin+ SQL injection

Description The plugin does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks such as within a multi-site network. 1. Go to the Tools parameter 2. Select Search & Replace 3. Click "Do Search & Replace" 4. Change the parameters...

CVE-2022-27342

Link-Admin v0.0.1 was discovered to contain a SQL injection vulnerability via DictRest.ResponseResult...