11 matches found
EUVD-2026-43143
The Booking Package plugin for WordPress is vulnerable to generic SQL Injection via 'email' Form Parameter form in all versions up to, and including, 1.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
EUVD-2024-29953
Malicious code in bioql PyPI...
CVE-2024-32132
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20...
PT-2024-24698 · Unknown · Cbx Bookmark & Favorite
Name of the Vulnerable Software and Affected Versions: CBX Bookmark & Favorite versions 1.7.20 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...
WordPress CBX Bookmark & Favorite plugin <= 1.7.20 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin CBX Bookmark & Favorite versions = 1.7.20...
WordPress CBX Bookmark & Favorite Plugin <= 1.7.20 is vulnerable to Cross Site Scripting (XSS)
Software CBX Bookmark & Favorite Type Plugin Vulnerable versions = 1.7.20 Fixed in 1.7.22 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32577 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c797afa81115 Credits LVT-tholv2k Required privile...
PT-2024-24427 · Unknown · Cbx Bookmark & Favorite
Name of the Vulnerable Software and Affected Versions: CBX Bookmark & Favorite versions 1.7.20 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by...
WordPress CBX Bookmark & Favorite plugin <= 1.7.20 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin CBX Bookmark & Favorite versions = 1.7.20...
WordPress CBX Bookmark & Favorite Plugin <= 1.7.20 is vulnerable to SQL Injection
Software CBX Bookmark & Favorite Type Plugin Vulnerable versions = 1.7.20 Fixed in 1.7.21 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32132 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 07995252cb06 Credits Muhammad Daffa Required privilege...
PT-2023-22581 · Prestashop · Prestashop Customexporter
Name of the Vulnerable Software and Affected Versions: Prestashop customexporter versions 1.7.20 and earlier Description: The issue is related to Incorrect Access Control. It affects the downloads/download.php file in the modules/customexporter directory. Recommendations: For Prestashop...
Prestashop 路径遍历漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. Prestashop 1.7.20 and previous versions of the existence of path traversal...