Lucene search
K

1339 matches found

wpexploit
wpexploit
added 2023/04/24 12:0 a.m.168 views

tagDiv Composer < 4.0 - Reflected Cross-site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open a page containing the HTML code below...

6.1CVSS5.7AI score0.00506EPSS
Exploits2
wpexploit
wpexploit
added 2023/04/12 12:0 a.m.133 views

ChatBot < 4.4.9 - Subscriber+ OpenAI Settings Update to Stored XSS

The plugin does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of escaping of the settings, this could also lead to Stored XSS Run the below command in...

5.4CVSS5.6AI score0.00242EPSS
Exploits2
Prion
Prion
added 2023/04/05 2:15 p.m.11 views

Sql injection

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

5.8CVSS7.2AI score0.00726EPSS
Exploits1References1Affected Software1
wpexploit
wpexploit
added 2023/03/22 12:0 a.m.408 views

W4 Post List < 2.4.6 - Subscriber+ Password Protected Post Content Disclosure

The plugin does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them Setup: Create a default Post list, and create a password protected post with secret content Then, run the below command in the develop...

6.5CVSS6.9AI score0.00654EPSS
Exploits2
wpexploit
wpexploit
added 2023/03/22 12:0 a.m.97 views

InPost Gallery <= 2.1.4.1 - Reflected XSS

The plugin does not sanitise and escape the imgurl parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open...

5.4CVSS5.7AI score0.00441EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/03/22 12:0 a.m.20 views

MDTF < 1.3.1 - Reflected XSS

The plugin does not sanitise and escape the taxname parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open...

5.4CVSS5.5AI score0.00441EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2023/03/22 12:0 a.m.80 views

MDTF < 1.3.1 - Reflected XSS

The plugin does not sanitise and escape the taxname parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open...

5.4CVSS5.7AI score0.00441EPSS
Exploits2References1
Prion
Prion
added 2023/03/17 8:15 a.m.15 views

Authentication flaw

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...

6.4CVSS9.4AI score0.00971EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/17 7:51 a.m.31 views

CVE-2023-1460 SourceCodester Online Pizza Ordering System Password Change improper authentication

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...

6.5CVSS9.7AI score0.00971EPSS
Exploits0References2
CVE
CVE
added 2023/03/17 7:51 a.m.52 views

CVE-2023-1460

CVE-2023-1460 concerns the SourceCodester Online Pizza Ordering System 1.0. The vulnerability lies in the Password Change Handler, specifically the file segment admin/ajax.php?action=save_user , enabling an improper authentication condition. It can be triggered remotely, withImpact described as h...

9.8CVSS8.1AI score0.00971EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/03/16 1:15 p.m.11 views

CVE-2023-1432

A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=savesettings of the component POST Request Handler. The manipulation leads to improper access control...

9.8CVSS7.8AI score0.00591EPSS
Exploits0References2
Prion
Prion
added 2023/03/13 8:15 p.m.13 views

Sql injection

PrestaShop dpdfrance 6.1.3 is vulnerable to SQL Injection via dpdfrance/ajax.php...

7.5CVSS9.8AI score0.0089EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/03/13 8:0 a.m.23 views

CVE-2023-1365 SourceCodester Online Pizza Ordering System ajax.php sql injection

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The...

7.5CVSS8AI score0.00753EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/03/13 12:0 a.m.3 views

PT-2023-19979 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 6.1.3 DpdFrance module versions prior to 6.1.3 Description: The issue allows for SQL Injection via the "dpdfrance/ajax.php" endpoint. Recommendations: For PrestaShop versions prior to 6.1.3, update to version 6.1....

9.8CVSS9.8AI score0.0089EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/03/13 12:0 a.m.18 views

CVE-2023-25207

PrestaShop dpdfrance 6.1.3 is vulnerable to SQL Injection via dpdfrance/ajax.php...

10AI score0.0089EPSS
Exploits1References2
wpexploit
wpexploit
added 2023/03/13 12:0 a.m.99 views

Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI

The plugin does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks. 1. Login as Admin. 2. Go to wp-admin/admin.php?page=wp-easycart-products&subpage=products 3. Click on Import Products. Browse any file and click on import file. Intercept the...

7.2CVSS7.2AI score0.01084EPSS
Exploits2
Veracode
Veracode
added 2023/03/02 8:41 a.m.9 views

Cross-Site Request Forgery (CSRF)

froxlor/froxlor is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists in the updateTablelisting and resetTablelisting functions in ajax.php due to improper sanitization which allows an attacker to change the request to get so that a user cannot use any functions on the page...

8.8CVSS8.3AI score0.00324EPSS
Exploits1References4Affected Software1
Huntr
Huntr
added 2023/03/02 3:19 a.m.4 views

SQL Injection in '/module/accounts/ajax.php'

Description There exists an SQL injection affecting the 'order'0'dir', start and length parameters located in the file /module/accounts/ajax.php Let's take a look at the following code: https://github.com/unilogies/bumsys/blob/9dc2de204116297a7e528c38bc3b1e89bf40f907/module/accounts/ajax.phpL1503...

7.8AI score
Exploits0
Huntr
Huntr
added 2023/03/01 11:9 p.m.17 views

Full CSRF Bypass

Description The intended way to reach functionality in $module/ajax.php is through the /xhr endpoint. Looking at the following code: https://github.com/unilogies/bumsys/blob/83bd788c21ce390f62e34ab6755a3e61c106418c/core/route.phpL43-L48 php if $pageSlug === "xhr" or $pageSlug === "info" and...

6.8CVSS6.8AI score0.0043EPSS
Exploits1
Cvelist
Cvelist
added 2023/03/01 9:54 a.m.27 views

CVE-2023-1112 Drag and Drop Multiple File Upload Contact Form 7 admin-ajax.php path traversal

A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument uploadname leads to relative path traversal. It is possible to laun...

5.8CVSS9.9AI score0.03004EPSS
Exploits3References3
Rows per page
Query Builder