6 matches found
EUVD-2022-34648
Malicious code in bioql PyPI...
CVE-2022-2381
The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack...
CVE-2022-2381
The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack...
CVE-2022-2381
The CVE covers the WordPress plugin E Unlocked - Student Result (
WordPress plugin E Unlocked - Student Result 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
E Unlocked - Student Result <= 1.0.4 - Arbitrary File Upload via CSRF
The plugin is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST",...