4 matches found
PT-2023-9948 · Unknown · Hd Flv Player Plugin
Name of the Vulnerable Software and Affected Versions: HD FLV Player Plugin versions up to 1.7 Description: A critical issue has been found in the HD FLV Player Plugin, affecting the function hd add media/hd update media of the file functions.php. The manipulation of the argument name leads to SQ...
PT-2022-22162 · Dell · Dell Hybrid Client
Name of the Vulnerable Software and Affected Versions: Dell Hybrid Client versions prior to 1.8 Description: The issue is related to a Regular Expression Denial of Service in the UI. An adversary with WMS group admin access could potentially exploit this, leading to temporary denial-of-service...
PT-2022-14202 · WordPress · Awin Data Feed
Name of the Vulnerable Software and Affected Versions: Awin Data Feed WordPress plugin versions prior to 1.8 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted via an AJAX action...
PT-2018-5238 · Poco +1 · Poco C++ Libraries +1
Name of the Vulnerable Software and Affected Versions: POCO C++ Libraries versions prior to 1.8 Description: The issue concerns a "file path injection vulnerability" in the ZipCommon::isValidPath function, which does not properly restrict the filename value in the ZIP header. This allows attacker...