206 matches found
CVE-2026-22514
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2024-42210
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP respons...
EUVD-2026-15528
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2026-22514
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2026-22514
CVE-2026-22514 concerns a Local File Inclusion in WordPress Theme Unica (and related RH/EUVD/NVD entries) due to improper control of filenames for PHP include/require. Affected software: AncoraThemes Unica? documentation refers to Unica WordPress theme (
CVE-2026-22514 WordPress Unica theme <= 1.4.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2026-22514 WordPress Unica theme <= 1.4.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
PT-2026-27835
Name of the Vulnerable Software and Affected Versions AncoraThemes Unica versions through 1.4.1 Description The software contains a flaw related to improper control of filename handling for include/require statements, leading to a PHP Remote File Inclusion issue. This allows for PHP Local File...
WordPress plugin Unica 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2024-55477
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
CVE-2024-42210
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
CVE-2024-42210 HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
CVE-2024-42210 HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
CVE-2024-42210
CVE-2024-42210 affects HCL Unica Marketing Operations v12.1.8 and earlier. It is a Stored XSS vulnerability (second-order/persistent XSS) where data from untrusted sources can be included in later HTTP responses in an unsafe manner. The CVSS 3.1 base metrics indicate a HIGH severity (7.6) with ne...
CVE-2024-42210
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
HCL Unica Marketing Operations 安全漏洞
HCL Unica Marketing Operations is a marketing activity management platform of the Indian company HCL. Versions of HCL Unica Marketing Operations 12.1.8 and earlier contained security vulnerabilities. These vulnerabilities were due to improper handling of data from unreliable sources, and could le...
PT-2026-26260
A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP...
CVE-2025-62320 HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform
HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external...
CVE-2025-62320
CVE-2025-62320 describes an HTML Injection vulnerability affecting the HCL Unica Platform. The issue arises when a web application does not properly validate or sanitize user input before rendering it on pages, enabling an attacker to inject HTML. When a browser loads the affected page, it may au...
CVE-2025-62320 HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform
HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external...