EUVD-2021-26483

Malware in sbrugna...

SourceCodester Pet Grooming Management Software SQL注入漏洞

SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter ID in the file...

Campcodes Online Recruitment Management System 注入漏洞

CampCodes Online Recruitment Management System is a recruitment management system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Recruitment Management System version 1.0, which stems from improper handling of parameter IDs in the file /admin/ajax.php, which cou...

Wordpress Load More SQL注入漏洞

Wordpress Load More is Wordpress an open source application plugin . Provide a load more items function . WordPress Load More plugin before 5.3.2 SQL injection vulnerability exists , the vulnerability stems from /wp-admin/admin-ajax.php repeater parameter or type=test parameter...

CVE-2020-7104

The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php totalquestions parameter...

CVE-2019-11557

The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $POST'action' value and the $GET'action' value, and the...

CVE-2018-5654

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREEAccessToken parameter...