5 matches found
CVE-2023-45108
Cross-Site Request Forgery CSRF vulnerability in Mailrelay plugin = 2.1.1 versions...
CVE-2021-24492
The hndtstactioninstancecallback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtstpreviewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL...
IBM Security Privileged Identity Manager Authorization Issues Vulnerability
IBM Security Privileged Identity Manager ISPIM is an identity management product within the IBM Identity Governance and Management solution from IBM in the United States. The product is designed to protect, automate and audit the use of privileged identities to help defend against insider threats...
e107 SQL Injection Vulnerability (CNVD-2017-10152)
e107 is an open source, free and PHP and MySQL based Content Management System CMS developed by e107 team. The system supports a variety of plug-in programs and appearance of the theme , can be used as a personal blog , discussion community , archive repository and so on. A SQL injection...
Burden TMA Cross-Site Scripting Vulnerability
Burden TMA is a full-featured PHP-based task management application that supports adding, editing, and deleting tasks, and distinguishes task importance levels by color. A cross-site scripting vulnerability exists in Burden TMA version 2.1.1, which stems from the program failing to adequately...