25 matches found
EUVD-2023-23686
Malicious code in bioql PyPI...
EUVD-2023-23673
Malicious code in bioql PyPI...
CVE-2023-1435
The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-1420
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1420
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1435
The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1435
CVE-2023-1435 affects Ajax Search Pro for WordPress prior to v4.26.2. The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitization/escaping of input parameters before echoing them back in pages, enabling an attacker to target high-privilege users (e.g., admins). Publi...
CVE-2023-1435 Ajax Search Lite Pro < 4.26.2 - Multiple Reflected Cross-Site Scripting
The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-1420 Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site Scripting
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1420
CVE-2023-1420 affects WordPress Ajax Search Lite (<= 4.11.0) and Ajax Search Pro (
CVE-2023-1420 Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site Scripting
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
WordPress Ajax Search Pro Plugin < 4.26.2 is vulnerable to Cross Site Scripting (XSS)
Software Ajax Search Pro Type Plugin Vulnerable versions 4.26.2 Fixed in 4.26.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1435 Patch priority High CVSS severity High 6.1 Developer Claim ownership PSID 019181a32a8a Credits Erwan LR Required...
WordPress Ajax Search Pro Plugin < 4.26.2 is vulnerable to Cross Site Scripting (XSS)
Software Ajax Search Pro Type Plugin Vulnerable versions 4.26.2 Fixed in 4.26.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1420 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID ce1b6f916ace Credits Erwan LR Required...
WordPress Ajax Search Pro Untrusted Data Deserialization Vulnerability
WordPress Ajax Search Pro is a search engine from WordPress. An untrusted data deserialization vulnerability exists in the import database feature of the admin panel of WordPress Ajax search pro versions prior to 4.20.8, which can be exploited by an attacker to achieve remote code execution...
WordPress Ajax Search Pro 代码问题漏洞
WordPress Ajax Search Pro is a search engine from WordPress. An untrusted data deserialization vulnerability exists in the import database feature of the admin panel of WordPress Ajax search pro versions prior to 4.20.8, which can be exploited by an attacker to achieve remote code execution...
SysGauge Pro 4.6.12 - Local Buffer Overflow (SEH)
SysGauge Pro 4.6.12 - Local Buffer Overflow SEH !/usr/bin/python Exploit Title : SysGauge Pro v4.6.12 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software :...
10-Strike Network File Search Pro 2.3 - Local Buffer Overflow (SEH)
10-Strike Network File Search Pro 2.3 - Local Buffer Overflow SEH !python Exploit title: 10-Strike Network File Search Pro 2.3 Registration code SEH exploit Date: 2016-12-10 Vendor homepage: https://www.10-strike.com/network-file-search/help/pro.shtml Download:...
WordPress Ajax Search Pro Remote Code Execution Vulnerability
This vulnerability allows any registered user to execute arbitrary functions Usage Info http://localhost/x/wordpress/wp-admin/admin-ajax.php?page=ajax-search-pro/backend/settings.php&action=wpdreams-ajaxinput post data:...