8 matches found
WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Skalucy in WordPress Plugin WP-EasyArchives versions = 3.1.2...
CVE-2025-8132
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function delfile of the file app/extend/utils.js. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public...
WordPress plugin Automation By Autonami SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
PT-2024-20574 · WordPress · Wp Dummy Content Generator
Name of the Vulnerable Software and Affected Versions: WP Dummy Content Generator versions 3.1.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in the WP Dummy Content Generator plugin for WordPress. This vulnerability allows for a security bypass...
DeShang DSCMS Access Control Error Vulnerability
DeShang DSCMS is a website builder for enterprise websites from DeShang, China. An access control error vulnerability exists in DeShang DSCMS prior to version 3.1.2, which stems from the file public/install.php that causes incorrect access control...
PT-2022-21940 · WordPress · Biplob018 Shortcode Addons
Name of the Vulnerable Software and Affected Versions: Biplob018 Shortcode Addons plugin versions 3.1.2 and earlier Description: The issue allows authenticated options change in the Biplob018 Shortcode Addons plugin at WordPress. Recommendations: For Biplob018 Shortcode Addons plugin versions 3.1...
Improper Access Control
Overview Affected versions of this package are vulnerable to Improper Access Control. The recvfiles function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemonfilterlist data...
Libarchive Directory Traversal Vulnerability
libarchive is a multi-format archive and compression library. A directory traversal vulnerability exists in libarchive 3.1.2 and earlier versions of the bsdcpio toolkit. A remote attacker can exploit this vulnerability to write arbitrary files with the full pathname of an archive file...