3 matches found
PT-2023-9915 · Unknown · Xpressengine
Name of the Vulnerable Software and Affected Versions: XpressEngine versions up to 1.4.4 Description: A critical issue affects the Update Query Handler component, leading to sql injection. The estimated number of potentially affected devices worldwide is not available. There is no information abo...
PT-2021-22882 · Playsms · Playsms
Name of the Vulnerable Software and Affected Versions: playSMS versions prior to 1.4.5 Description: The issue allows for Arbitrary Code Execution by entering PHP code at the tabs-information-page of core main config, and then executing that code via the "index.php?app=main&inc=core welcome" URI...
PT-2020-6405 · Unknown +2 · Roundcubemail +2
Name of the Vulnerable Software and Affected Versions: Roundcube Mail versions prior to 1.4.5 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It is associated with the smtp config in the installer. The vulnerability may allow a remote attacker to impact data...