7 matches found
PT-2026-45672
A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...
WordPress plugin myLinksDump SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
WordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Bard versions = 1.6...
WordPress plugin Woocommerce Notify Updated Product Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8...
CVE-2024-24839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
SUSE CVE-2008-3326
Cross-site scripting XSS vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter blog entry title...