1599 matches found
Cross site scripting
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the /admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6...
CVE-2021-34650
The CVE-2021-34650 entry corresponds to a Reflected Cross-Site Scripting vulnerability in the WordPress plugin eID Easy (versions up to 4.6). The issue arises from the error parameter in admin.php, enabling arbitrary script injection. Public sources consistently identify this as a vulnerability i...
CVE-2021-34650 eID Easy <= 4.6 Reflected Cross-Site Scripting
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the /admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6...
eID Easy < 4.7 - Reflected Cross-Site Scripting
The plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the /admin.php file which allows attackers to inject arbitrary web scripts...
CF Geo Plugin < 7.13.12 - Reflected Cross-Site Scripting
The plugin does not escape the some parameter before outputting them back in admin pages, leading to a Reflected Cross-Site Scripting issue POST /wp-admin/admin.php?page=cf-geoplugin-activate HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Accept-Language...
Sql injection
SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...
CVE-2021-3264
SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...
Electron Technologies FZC PopojiCMS Cross-Site Request Forgery Vulnerability
Electron Technologies FZC PopojiCMS is an open source content management system CMS based on the Popoji framework from Electron Technologies FZC. version 2.0.1 of Electron Technologies FZC PopojiCMS admin.php is vulnerable to cross-site request forgery. No detailed vulnerability details are...
CVE-2020-19821
A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attackers to execute arbitrary SQL commands via the orders parameter...
CVE-2020-19821
A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attackers to execute arbitrary SQL commands via the orders parameter...
Sql injection
A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attackers to execute arbitrary SQL commands via the orders parameter...
CVE-2020-19821
DOYO CMS (DOYOCMS) 2.3 contains a SQL injection in admin.php reachable via the orders[] parameter, allowing attackers to execute arbitrary SQL commands. Root cause: improper handling/sanitization of the orders[] input leads to injection. Affected component: DOYOCMS 2.3; entry describes high-sever...
CVE-2020-19821
A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attackers to execute arbitrary SQL commands via the orders parameter...
DOYO SQL注入漏洞
DOYO doyocms is a PHP-based open source content management system CMS. A SQL injection vulnerability exists in admin.php of DOYO CMS 2.3, which can be exploited by an attacker to execute arbitrary SQL commands via the orders parameter...
CVE-2020-19547
Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php...
CVE-2020-19547
Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php...
CVE-2020-18065
Cross Site Scripting XSS vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu...
Directory traversal
Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php...
CVE-2020-19547
Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php...
CVE-2020-19547
CVE-2020-19547 affects PopojiCMS 2.0.1, where a directory traversal vulnerability exists via the id parameter in admin.php. The issue is triggered over the network and is tied to an input path handling flaw in PopojiCMS’s admin interface, allowing potentially access to sensitive files. The connec...