7 matches found
CVE-2021-24432
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to a reflected Cross-Site Scripting issue...
CVE-2024-4434
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘termid’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
PT-2024-31134
Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.5. Description: The issue allows for time-based SQL Injection due to insufficient escaping on the user-supplied term id parameter and lack of sufficient preparation on the...
CVE-2021-24432
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to a reflected Cross-Site Scripting issue...
CVE-2023-6607
A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the argument TERMIDSTR leads to sql injection. The exploit has been disclosed to t...
Tongda OA SQL Injection Vulnerability
Tongda2000 is a web-based intelligent office system from China's Tongda. Tongda OA 2017 11.10 and earlier versions suffer from a SQL injection vulnerability that originates in an unknown function in general/wiki/cp/manage/delete.php, which leads to SQL injection via the...
Tongda OA 2017 Security Breach
Tongda2000 is a networked intelligent office system from China's Tongda. Tongda OA 2017 11.9 and earlier versions contain a security vulnerability that originates from a SQL injection vulnerability in the TERMIDSTR parameter in the file general/wiki/cp/manage/lock.php...