3 matches found
Dotnetnuke < 10.1.0 Reflected Cross-Site Scripting (XSS) using url to profile (CVE-2025-59821)
According to its self-reported version, the instance of Dotnetnuke running on the remote web server is prior to 10.1.0. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
PT-2025-4627 · WordPress · Wp Travel
Name of the Vulnerable Software and Affected Versions: WP Travel versions prior to 10.1.0 Description: The issue is related to improper neutralization of special elements used in an SQL command, which allows SQL injection. This means that an attacker could potentially inject malicious SQL code to...
PT-2020-14930 · Sugarcrm · Sugarcrm
Name of the Vulnerable Software and Affected Versions: SugarCRM versions prior to 10.1.0 Description: The issue allows SQL Injection. Recommendations: For versions prior to 10.1.0, update to version 10.1.0 or later to resolve the issue...