7 matches found
PT-2023-32234 · WordPress · Wp Mail Log
Name of the Vulnerable Software and Affected Versions: WP Mail Log WordPress plugin versions prior to 1.1.3. Description: The issue arises from the WP Mail Log WordPress plugin not properly sanitizing and escaping a parameter before using it in a SQL statement, leading to a SQL injection. This can...
WordPress plugin WP Mail Log security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in the...
SUSE CVE-2021-36780
A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn...
Rafael França activerecord-session_store security vulnerability
Rafael França activerecord-session_store is an open source application by Rafael França. A default class is provided, but any object with a textual session_id and data attribute duck-typed into the Active Record Session class is sufficient. A security vulnerability exists in all versions of...
OFCMS backend ueditor uploadScrawl file upload vulnerability
OFCMS is a content management system based on Java technology. A backend ueditor uploadScrawl file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account the file.jsp::$DATA of the...
OFCMS Backend SQL Injection Vulnerability
OFCMS is a content management system based on Java technology. A backend SQL injection vulnerability exists in versions of OFCMS prior to 1.1.3. An attacker can exploit the vulnerability to launch an admin/system/generate/create?sql= SQL injection attack...
NTPsec Buffer Overflow Vulnerability
NTPsec is an implementation of the Network Time Protocol. A stack buffer overflow vulnerability exists in read_sysvars in the ntp_control.c file of ntpd in versions prior to NTPsec 1.1.3, which can be exploited by an attacker to cause a denial of service...