15 matches found
CVE-2026-25234
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
CVE-2026-25234
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
CVE-2026-25234 PEAR is Vulnerable to SQL Injection in Category Deletion
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
EUVD-2026-5201
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
CVE-2026-25234 PEAR is Vulnerable to SQL Injection in Category Deletion
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
CVE-2026-25234
PEAR (PHP components framework) before version 1.33.0 is vulnerable to a SQL injection in the category deletion operation when an attacker can access the category manager workflow. The root cause is unsafely handling the category id in this workflow, enabling SQL injection. The issue has been fix...
PT-2026-6283
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...
PT-2025-45543
Name of the Vulnerable Software and Affected Versions The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress versions through 3.40.0 Description The software is susceptible to SQL Injection due to inadequate input validation and query preparation. Specifically, t...
CVE-2024-2830
The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sttagcloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
CVE-2024-2830
The CVE-2024-2830 issue affects the WordPress Tag and Category Manager – AI Autotagger (Simple Tags) plugin, vulnerable up to version 3.13.0. A stored XSS flaw exists in the st_tag_cloud shortcode caused by insufficient input sanitization and escaping of user-supplied attributes. In the shortcode...
CVE-2024-2830 WordPress Tag and Category Manager – AI Autotagger <= 3.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sttagcloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
PT-2024-22385 · WordPress · Wordpress Tag/Category Manager – Ai Autotagger
Name of the Vulnerable Software and Affected Versions: The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress versions up to, and including, 3.13.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin...
DMXReady Member Direcotry Manager 1.1 SQL Injection
Title : DMXReady Member Directory Manager http://target/path/applications/MemberDirectoryManager/incmemberdirectorymanager.asp Edit - http://target/path/admin/MemberDirectoryManager/components/CategoryManager/uploadimagecategory.asp?cid=SQL Inject Example: USERNAME-...
DMXReady PayPal Store Manager 1.1 - Contents Change
DMXReady PayPal Store Manager 1.1 - Contents Change Title : DMXReady PayPal Store Manager http://target/path//applications/PayPalStoreManager/incpaypalstoremanager.asp Edit - http://target/path//admin/PayPalStoreManager/CategoryManager/list.asp : milw0rm.com 2009-01-14...
DMXReady Classified Listings Manager 1.1 - SQL Injection
DMXReady Classified Listings Manager 1.1 - SQL Injection Title : DMXReady Classified Listings Manager /admin/ClassifiedListingsManager/components/CategoryManager/uploadimagecategory.asp?cid=5 union select 0,SecurityAdminUserName,2,5,9,3 from tblCLMconfig PASSWORD-...