3143 matches found
CVE-2019-11513
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action...
Design/Logic Flaw
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action...
CVE-2019-11513
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action...
CVE-2019-11513
CMS Made Simple’s File Manager (affected through version 2.2.10) is vulnerable to a Reflected XSS in the Rename action via the New name field. The connected sources consistently describe a reflected XSS condition in this component; no patch/version fix is specified in the provided documents. Expl...
CVE-2019-11513
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action...
Design/Logic Flaw
An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase a...
CVE-2019-11446
An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase a...
WordPress File Manager Plugin <= 3.0 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112566";...
CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
Cross site request forgery (csrf)
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16967
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
Cross site scripting
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16967
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16967
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16967
CVE-2018-16967 concerns a reflected XSS in the mndpsingh287 File Manager plugin for WordPress (v3.0) exploitable via the public_path parameter on the wp_file_manager_root page. Multiple sources reiterate that an attacker can inject arbitrary JavaScript through this parameter, potentially affectin...
CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wpfilemanagerroot publicpath parameter...
CVE-2018-16966
CVE-2018-16966 concerns the WordPress plugin “mndpsingh287 File Manager” (v3.0) where a CSRF vulnerability exists via the page=wp_file_manager_root public_path parameter. The issue allows an attacker to trigger actions on behalf of a logged-in user (requires user interaction per CVSS3) without au...
PT-2019-9386 · WordPress · Mndpsingh287 File Manager
Name of the Vulnerable Software and Affected Versions: mndpsingh287 File Manager plugin version 3.0 for WordPress Description: The issue is related to a CSRF vulnerability. It affects the public path parameter in the page=wp file manager root endpoint. Recommendations: For version 3.0 of the...
PT-2019-9387 · WordPress · Mndpsingh287 File Manager
Name of the Vulnerable Software and Affected Versions: mndpsingh287 File Manager plugin version 3.0 Description: The issue is related to an XSS vulnerability. It affects the mndpsingh287 File Manager plugin for WordPress, specifically via the public path parameter in the page=wp file manager root...