13 matches found
CVE-2025-48090
Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp allows PHP Local File Inclusion.This issue affects Blanka - One Page WordPress Theme: from n/a through 1.5...
CVE-2025-48090
Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp allows PHP Local File Inclusion.This issue affects Blanka - One Page WordPress Theme: from n/a through 1.5...
CVE-2024-40113
Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials...
CVE-2019-13564
XSS exists in Ping Identity Agentless Integration Kit before 1.5...
CVE-2024-9149
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Website Template: before v1.5...
CVE-2024-9149 SQLi in Wind Media's E-Commerce Website Template
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Website Template: before v1.5...
CVE-2024-9149 SQLi in Wind Media's E-Commerce Website Template
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Website Template: before v1.5...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
Easy!Appointments 授权问题漏洞
Easy!Appointments is a web-based appointment and schedule management system. A vulnerability in authorization issues exists in versions prior to Easy!Appointments 1.5.0, which can be exploited by an attacker to gain higher-level privileges or the ability to view sensitive data...
CVE-2022-36911
A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2021-24718
The Contact Form, Survey & Popup Form Plugin for WordPress plugin before 1.5 does not properly sanitize some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Dell Hybrid Client 信息泄露漏洞
DELL Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. An information disclosure vulnerability exists in Dell Hybrid Client versions prior to 1.5, which can be exploited by attackers to obtain sensiti...
WordPress unite-gallery-lite plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. unite-gallery-lite is an image and video gallery plugin used in it. A cross-site request forgery vulnerability exists in WordPress...