5 matches found
CVE-2022-40842
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...
PT-2022-25573 · Ndk Design · Ndkadvancedcustomizationfields
Name of the Vulnerable Software and Affected Versions: ndk design NdkAdvancedCustomizationFields version 3.5.0 Description: The issue is related to Server-side request forgery SSRF via the rotateimg.php file. This allows for potential unauthorized access to internal resources. Recommendations: Fo...
NdkAdvancedCustomizationFields 代码问题漏洞
NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A server-side request forgery vulnerability exists in NdkAdvancedCustomizationFields 3.5.0 and prior versions, which stems from rotateimg.php failing to properly validate user input. An attacker could use this vulnerabili...
CVE-2022-40840
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...
NdkAdvancedCustomizationFields SQL注入漏洞
NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A security vulnerability exists in NdkAdvancedCustomizationFields version v3.5.0, which stems from a SQL injection vulnerability in the height and width parameters, allowing an unauthenticated attacker to steal database...