CVE-2024-11010

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.1.4 via the 'defaultlang' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, ...

CVE-2003-1488

The 1 verifadmin.php and 2 checkadmin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1...