14 matches found
PT-2026-1596
Name of the Vulnerable Software and Affected Versions Stylish Order Form Builder plugin for WordPress versions prior to 1.1 Description The Stylish Order Form Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escapi...
PT-2025-46287
Name of the Vulnerable Software and Affected Versions Coon Google Maps plugin for WordPress versions prior to 1.1 Description The Coon Google Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter within the 'map' shortcode. This occurs because of...
CVE-2025-49945 WordPress Shortcode Generator plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kylegetson Shortcode Generator shortcode-generator allows Reflected XSS.This issue affects Shortcode Generator: from n/a through = 1.1...
ArslanSoft Education Portal Security Breach
ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A security vulnerability exists in ArslanSoft Education Portal versions prior to v1.1 that stems from a security flaw in the Outbound Error Messages and Alert Signals features...
Turna Advertising Administration Panel SQL Injection Vulnerability
Turna Advertising Administration Panel is an advertising administration panel from Turna. Turna Advertising Administration Panel versions prior to 1.1 are vulnerable to a SQL injection vulnerability that stems from the presence of a SQL injection vulnerability...
PT-2023-12670 · Saysis Computer · Starcities
Name of the Vulnerable Software and Affected Versions: Starcities versions prior to 1.1 Description: The issue affects Saysis Computer Starcities, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. This enables an attacker to inject malicious...
Uzay Baskul Weighbridge Automation Software SQL注入漏洞
Uzay Baskul Weighbridge Automation Software is an industrial control automation software from Uzay Baskul. A security vulnerability exists in Uzay Baskul Weighbridge Automation Software versions prior to 1.1, which stems from improper neutralization of a special element, resulting in SQL injectio...
json2html 跨站脚本漏洞
json2html is an open source javascript library from the individual developer Chad Brown . A cross-site scripting vulnerability exists in versions of Json2html prior to 1.1.x. An attacker can exploit this vulnerability to perform cross-site scripting attacks. Attackers can exploit this vulnerabili...
Ping Identity PingID Mac Login 授权问题漏洞
Ping Identity PingID Mac Login is an authentication application from Ping Identity USA. A security vulnerability exists in Ping Identity PingID Mac Login versions prior to 1.1, which stems from an RSA misconfiguration that is susceptible to a pre-computed dictionary attack, leading to an offline...
CVE-2021-43362
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1...
Cloudera Data Engineering 跨站请求伪造漏洞
Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, Inc. that supports the creation of Apache Spark tasks on a cloud platform. A cross-site request forgery vulnerability exists in Cloudera Data Engineering versions prior to 1.1, which stems from vulnerability to...
WordPress PopCash.Net Code Integration Tool plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . PopCash.Net Code Integration Tool plugin is used in one of the code integration tool . A cross-site scripting...
Newphoria Koritore app has full vulnerability
Newphoria Koritore for Android and iOS is a set of Android and iOS based platforms from Newphoria Japan. A security vulnerability exists in versions of the Newphoria Koritore app for Android and iOS based platforms prior to version 1.1. An attacker can exploit the vulnerability to bypass the URL...
PT-2006-5528 · Phprog · Phprog
Name of the Vulnerable Software and Affected Versions: PHProg versions prior to 1.1 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter of the index.php file. This is a directory traversal vulnerability. Recommendations: For versions prior...