0day.today (added 2021/04/19 12:00 a.m.)

WordPress Photo Gallery 1.5.69 Cross Site Scripting Vulnerability

WordPress Photo Gallery plugin versions 1.5.69 and below suffer from multiple reflected cross-site scripting vulnerabilities. WordPress Photo Gallery 1.5.69 Cross Site Scripting Vulnerability. Researcher Name: ThuraMoeMyint. Twitter: https://twitter.com/mgthuramoemyint. Vendor Url:...

AI score: 6.8 | Exploits: 0

NVD (added 2021/04/16 6:15 p.m.)

CVE-2021-26830

SQL injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Plugin library - delete module...

CVSS: 9.1 | EPSS: 0.04572 | Exploits: 1 | References: 1

Prion (added 2021/04/16 6:15 p.m.)

SQL injection

SQL injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Plugin library - delete module...

CVSS: 6.4 | AI score: 9.5 | EPSS: 0.04572 | Exploits: 1 | References: 1 | Affected software: 1

NVD (added 2021/04/12 2:15 p.m.)

CVE-2021-24199

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'start' HTTP POST parameter. Th...

CVSS: 6.5 | EPSS: 0.01341 | Exploits: 0 | References: 3

WPVulnDB (added 2021/04/03 12:00 a.m.)

WPBakery Page Builder Clipboard < 4.5.6 - Subscriber+ Stored Cross-Site Scripting (XSS)

An AJAX action registered by the plugin had neither capability checks nor sanitization, allowing low-privilege (subscriber+) users to call it and set XSS payloads, which are then triggered on all backend pages. Version 4.5.6 fixed the XSS issue by sanitizing the parameters, but did not fix t...

AI score: 1.6 | EPSS: 0.00703 | Exploits: 2 | References: 1 | Affected software: 1

wpexploit (added 2021/03/15 12:00 a.m.)

Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_answers_by_question

The tutor_quiz_builder_get_answers_by_question AJAX action of the plugin was vulnerable to UNION-based SQL injection that could be exploited by students. python3 sqlmap.py -r /tutorunion.txt --dbms=mysql --technique=U -p question_id --dump, where tutorunion.txt contains: POST /wp-admin/admin-ajax.php HTTP/1.1...

CVSS: 4 | AI score: 1.2 | EPSS: 0.01742 | Exploits: 2 | References: 1

Prion (added 2021/02/08 12:15 a.m.)

SQL injection

wpDataTables before 3.4.1 mishandles the order direction for server-side tables, aka admin-ajax.php?action=getwdtable order[0][dir] SQL injection...

CVSS: 10 | AI score: 9.9 | EPSS: 0.04615 | Exploits: 2 | References: 3 | Affected software: 1
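The two SQL injection entries above (Tutor LMS, where the question id reaches a query unescaped, and wpDataTables, where the order direction does) share one root cause: request values concatenated into SQL. The plugin below is an added example, not code from either plugin. It assumes it is loaded as a WordPress plugin with `$wpdb` available; the `demo_get_answers` action, the `{prefix}quiz_answers` table, the nonce name and the use of `edit_posts` as the capability that should own the quiz builder are all assumptions made for the illustration.

```php
<?php
/**
 * Plugin Name: Demo quiz builder AJAX (hardened)
 * Added example for the Tutor LMS / wpDataTables entries; not their code.
 * Assumes it is loaded as a WordPress plugin. Table, action, nonce and
 * capability names are made up for illustration.
 */

// Vulnerable shape (shown for contrast; deliberately NOT registered with add_action):
// attacker-controlled values are concatenated straight into the SQL string.
function demo_get_answers_unsafe() {
    global $wpdb;
    $question_id = $_POST['question_id'];       // e.g. "1 UNION SELECT user_login,user_pass FROM wp_users"
    $dir         = $_POST['order'][0]['dir'];   // e.g. "ASC,(SELECT ...)": a keyword position, no quoting applies
    $sql = "SELECT answer_id, answer_title FROM {$wpdb->prefix}quiz_answers"
         . " WHERE question_id = $question_id ORDER BY answer_id $dir";
    wp_send_json_success( $wpdb->get_results( $sql, ARRAY_A ) );
}

// Hardened handler.
function demo_get_answers() {
    global $wpdb;

    // CSRF: the request must carry a nonce minted for this action string.
    check_ajax_referer( 'demo_quiz_builder', 'nonce' );

    // Authorization: students (subscribers) must not reach the builder at all.
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    // Values: coerce to the expected type, then bind through prepare().
    $question_id = isset( $_POST['question_id'] ) ? absint( $_POST['question_id'] ) : 0;
    if ( 0 === $question_id ) {
        wp_send_json_error( array( 'message' => 'invalid question_id' ), 400 );
    }

    // Identifiers and keywords (column name, ASC/DESC) cannot be bound as
    // placeholders: map them through a fixed whitelist instead of trusting input.
    $allowed_cols = array( 'answer_id', 'answer_title', 'answer_order' );
    $col = isset( $_POST['order'][0]['column'] ) ? (string) $_POST['order'][0]['column'] : 'answer_id';
    $dir = isset( $_POST['order'][0]['dir'] ) ? strtoupper( (string) $_POST['order'][0]['dir'] ) : 'ASC';
    if ( ! in_array( $col, $allowed_cols, true ) ) {
        $col = 'answer_id';
    }
    if ( ! in_array( $dir, array( 'ASC', 'DESC' ), true ) ) {
        $dir = 'ASC';
    }

    $sql = $wpdb->prepare(
        "SELECT answer_id, answer_title FROM {$wpdb->prefix}quiz_answers"
        . " WHERE question_id = %d ORDER BY {$col} {$dir}",
        $question_id
    );
    wp_send_json_success( $wpdb->get_results( $sql, ARRAY_A ) );
}
add_action( 'wp_ajax_demo_get_answers', 'demo_get_answers' );
```

`$wpdb->prepare()` only protects value positions; WordPress 6.2 added a `%i` placeholder for identifiers, but `ASC`/`DESC` is a keyword and still has to come from a whitelist, which is exactly the position the wpDataTables `order[0][dir]` bug sits in.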
NVD (added 2021/01/27 6:15 p.m.)

CVE-2021-3318

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter...

CVSS: 6.1 | AI score: 6 | EPSS: 0.02848 | Exploits: 4 | References: 2

OSV (added 2021/01/27 6:15 p.m.)

CVE-2021-3318

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter...

CVSS: 6.1 | AI score: 5.8 | Exploits: 0 | References: 2

Cvelist (added 2021/01/27 5:13 p.m.)

CVE-2021-3318

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter...

AI score: 6.1 | EPSS: 0.02848 | Exploits: 4 | References: 2

CVE (added 2021/01/27 5:13 p.m.)

CVE-2021-3318

CVE-2021-3318 affects DzzOffice

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.02848 | Exploits: 4 | References: 2 | Affected software: 1

Prion (added 2021/01/15 7:15 a.m.)

Cross-site scripting

A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta_title parameter...

CVSS: 3.5 | AI score: 5.3 | EPSS: 0.01343 | Exploits: 2 | References: 4 | Affected software: 1

Cvelist (added 2021/01/15 6:23 a.m.)

CVE-2020-35581

A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta_title parameter...

AI score: 5.3 | EPSS: 0.01343 | Exploits: 2 | References: 4

wpexploit (added 2020/12/18 12:00 a.m.)

Simple Social Buttons < 3.2.1 - Unauthenticated Reflected Cross-Site Scripting

Version 3.2.0 attempted to fix a reflected cross-site scripting issue by adding a CSRF (nonce) check, which does not fully remediate it: all unauthenticated users receive the same nonce, valid for 12 to 24 hours (2 WP nonce ticks), so a nonce obtained by the attacker is also accepted for any other anonymous visitor. Only unauthenticated users can be attacked with this issue...

AI score: 6.8 | Exploits: 0 | References: 1
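The Simple Social Buttons entry rests on a detail of how WordPress nonces are built: the nonce is a truncated keyed hash of tick|action|user_id|session_token, and for a logged-out visitor the user id is 0 and the session token is empty, so every anonymous visitor gets the same value for a given action until the tick changes. The stand-alone PHP below is an added example, not WordPress's or the plugin's code; it re-implements that scheme in simplified form with a constructed salt (WordPress derives the key from wp_salt('nonce') inside wp_hash()), a made-up `ssb_share` action name and a constructed timeline, to show the shared anonymous nonce and the 12 to 24 hour validity window.

```php
<?php
// Added example: simplified stand-alone re-implementation of WordPress's nonce
// scheme (wp_nonce_tick / wp_create_nonce / wp_verify_nonce). Not WordPress code.
// DEMO_NONCE_SALT is a constructed stand-in for wp_salt('nonce').

const DEMO_DAY_IN_SECONDS = 86400;
const DEMO_NONCE_SALT     = 'constructed-salt-for-the-example-only';

// A tick is half the nonce lifetime (12 h with the default DAY_IN_SECONDS).
function demo_nonce_tick( int $now, int $nonce_life = DEMO_DAY_IN_SECONDS ): int {
    return (int) ceil( $now / ( $nonce_life / 2 ) );
}

// Keyed hash of tick|action|uid|session_token, truncated the way WordPress does.
function demo_nonce_for_tick( int $tick, string $action, int $uid, string $token ): string {
    $hash = hash_hmac( 'md5', $tick . '|' . $action . '|' . $uid . '|' . $token, DEMO_NONCE_SALT );
    return substr( $hash, -12, 10 );
}

function demo_create_nonce( string $action, int $uid, string $token, int $now ): string {
    // Logged-out visitor in WordPress: $uid = 0 and $token = '' for everyone,
    // so the output depends only on the current tick and the action string.
    return demo_nonce_for_tick( demo_nonce_tick( $now ), $action, $uid, $token );
}

// 1 = minted in the current tick (0-12 h old), 2 = previous tick (12-24 h old), 0 = invalid.
function demo_verify_nonce( string $nonce, string $action, int $uid, string $token, int $now ): int {
    $tick = demo_nonce_tick( $now );
    if ( hash_equals( demo_nonce_for_tick( $tick, $action, $uid, $token ), $nonce ) ) {
        return 1;
    }
    if ( hash_equals( demo_nonce_for_tick( $tick - 1, $action, $uid, $token ), $nonce ) ) {
        return 2;
    }
    return 0;
}

// Constructed timeline: the attacker fetches a nonce 10 minutes into a tick.
$t_attacker = 1608249600 + 600;        // 2020-12-18 00:10:00 UTC, just after a tick boundary
$t_victim   = $t_attacker + 3 * 3600;  // an unrelated anonymous visitor, 3 h later

$attacker_nonce = demo_create_nonce( 'ssb_share', 0, '', $t_attacker );
$victim_nonce   = demo_create_nonce( 'ssb_share', 0, '', $t_victim );

printf( "anonymous nonces identical across visitors: %s\n", var_export( $attacker_nonce === $victim_nonce, true ) );
printf( "attacker's nonce checked 20 h later (verify result): %d\n",
    demo_verify_nonce( $attacker_nonce, 'ssb_share', 0, '', $t_attacker + 20 * 3600 ) );
printf( "attacker's nonce checked 30 h later (verify result): %d\n",
    demo_verify_nonce( $attacker_nonce, 'ssb_share', 0, '', $t_attacker + 30 * 3600 ) );

// Logged-in users differ in uid and session token, so their nonces are personal.
$alice = demo_create_nonce( 'ssb_share', 7, 'session-token-alice', $t_attacker );
$bob   = demo_create_nonce( 'ssb_share', 8, 'session-token-bob', $t_attacker );
printf( "logged-in nonces identical: %s\n", var_export( $alice === $bob, true ) );
```

A nonce is a CSRF control tied to a user session; for a wp_ajax_nopriv_ endpoint there is no session to tie it to, so it cannot stand in for output encoding. The reflected XSS has to be fixed at the sink (esc_html()/esc_attr() on the echoed parameter), or the endpoint restricted to authenticated users.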
Prion (added 2020/11/13 4:15 p.m.)

SQL injection

In fastadmin-tp6 v1.0, the 'table' parameter passed to app/admin/controller/Ajax.php is not filtered, so a malicious value can be supplied for SQL injection...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.01028 | Exploits: 1 | References: 1 | Affected software: 1

wpexploit (added 2020/10/08 12:00 a.m.)

Dynamic Content for Elementor < 1.9.6 - Authenticated RCE

The PHP Raw Widget (https://www.dynamic.ooo/widget/php-raw/) of the Dynamic Content for Elementor plugin before 1.9.6 did not properly check user permissions, allowing accounts with a role as low as editor to execute arbitrary PHP (RCE). POST /wp-admin/admin-ajax.php HTTP/1.1 Host: example.com...

CVSS: 9 | AI score: 8.9 | EPSS: 0.05415 | Exploits: 2 | References: 1
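The WPBakery Page Builder Clipboard entry above (an AJAX action with neither capability checks nor sanitization, whose stored payload fires on every backend page) and the Dynamic Content for Elementor entry (permissions not checked before a privileged operation) come down to the same admin-ajax.php mistake: registering a hook and trusting whoever calls it. The plugin below is an added example, not code from either plugin; it assumes it is loaded as a WordPress plugin, and the option, action and nonce names and the `manage_options` capability are made up for the illustration.

```php
<?php
/**
 * Plugin Name: Demo clipboard AJAX (hardened)
 * Added example for the WPBakery Clipboard / Dynamic Content entries; not their code.
 * Assumes it is loaded as a WordPress plugin. Option, action, nonce and capability
 * names are made up for illustration.
 */

// Vulnerable shape (for contrast; deliberately NOT registered with add_action).
// Every logged-in user can reach wp_ajax_* hooks; a wp_ajax_nopriv_* twin would
// open the same function to anonymous visitors as well.
function demo_save_clipboard_unsafe() {
    // No nonce, no capability check, raw input stored verbatim...
    update_option( 'demo_clipboard', $_POST['clipboard'] );
    wp_send_json_success();
}
function demo_render_clipboard_unsafe() {
    // ...and echoed unescaped on every admin page: stored XSS against administrators.
    echo '<div class="notice"><p>' . get_option( 'demo_clipboard', '' ) . '</p></div>';
}

// Hardened handler.
function demo_save_clipboard() {
    // 1. CSRF: the request must carry a nonce minted for this exact action string.
    check_ajax_referer( 'demo_save_clipboard', 'nonce' );

    // 2. Authorization: a nonce proves intent, not privilege, so check the
    //    capability the operation actually requires (manage_options here).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    // 3. Input validation: enforce type and size before sanitizing.
    $raw = isset( $_POST['clipboard'] ) ? wp_unslash( $_POST['clipboard'] ) : '';
    if ( ! is_string( $raw ) || strlen( $raw ) > 4096 ) {
        wp_send_json_error( array( 'message' => 'invalid clipboard payload' ), 400 );
    }
    $clean = sanitize_text_field( $raw );

    update_option( 'demo_clipboard', $clean, false );
    wp_send_json_success( array( 'length' => strlen( $clean ) ) );
}
// Logged-in users only: no wp_ajax_nopriv_ registration for this action.
add_action( 'wp_ajax_demo_save_clipboard', 'demo_save_clipboard' );

function demo_render_clipboard() {
    // 4. Output encoding at the sink, whatever was stored.
    echo '<div class="notice"><p>' . esc_html( get_option( 'demo_clipboard', '' ) ) . '</p></div>';
}
add_action( 'admin_notices', 'demo_render_clipboard' );

// The browser side needs a nonce minted for the same action string.
function demo_clipboard_script_data() {
    wp_localize_script( 'jquery', 'demoClipboard', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'action'  => 'demo_save_clipboard',
        'nonce'   => wp_create_nonce( 'demo_save_clipboard' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'demo_clipboard_script_data' );
```

The order matters: the nonce check stops cross-site requests, the capability check stops the subscriber who can legitimately obtain a nonce from the admin bar, and the sanitize/escape pair covers whatever still gets through. Sanitizing on input alone is what the 4.5.6 fix did; escaping at the sink is what protects the pages that render the stored value.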
Prion (added 2020/09/30 6:15 p.m.)

Authentication flaw

An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the POST request to /admin/ajax.php?action=login and bypass authentication, extract...

CVSS: 6.4 | AI score: 9.1 | EPSS: 0.11301 | Exploits: 3 | References: 3 | Affected software: 1

wpexploit (added 2020/08/24 12:00 a.m.)

Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload

The ao_ccss_import AJAX call does not ensure that the provided file is a legitimate Zip file, allowing high-privilege users to upload arbitrary files, such as PHP, leading to RCE. https://drive.google.com/file/d/1siZsDiJsYRCw58Ksram5zBJOVbs-Hio1/view?usp=sharing POST /wp-admin/admin-ajax.php HTTP/1...

CVSS: 6.5 | AI score: 0.2 | EPSS: 0.13139 | Exploits: 6 | References: 1
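The Autoptimize entry hinges on one missing check: the import handler trusted that the uploaded file was a Zip. The stand-alone PHP below is an added example, not Autoptimize code; it validates an upload with PHP's ZipArchive extension (signature bytes, archive consistency, then a per-entry path and extension whitelist) and builds a constructed malicious archive in a temporary file to exercise the checks. The allowed extensions are an assumption for a CSS import feature.

```php
<?php
// Added example, not Autoptimize code: validate an uploaded "import" archive
// before anything is extracted. Requires PHP's ZipArchive (ext-zip).

/**
 * Returns a list of problems; an empty list means the archive passed.
 * $allowed_ext is an assumption for a CSS-import feature.
 */
function demo_validate_import_zip( string $path, array $allowed_ext = array( 'css', 'json', 'txt' ) ): array {
    // 1. Signature: a non-empty zip starts with the local file header "PK\x03\x04".
    //    (WordPress's wp_check_filetype() looks at the file name only, so check bytes too.)
    $fh = fopen( $path, 'rb' );
    if ( $fh === false ) {
        return array( 'cannot open upload' );
    }
    $magic = fread( $fh, 4 );
    fclose( $fh );
    if ( $magic !== "PK\x03\x04" ) {
        return array( 'not a zip archive (bad signature)' );
    }

    // 2. Structure: the central directory must parse and be internally consistent.
    $zip = new ZipArchive();
    if ( $zip->open( $path, ZipArchive::CHECKCONS ) !== true ) {
        return array( 'zip archive failed consistency check' );
    }

    // 3. Entries: reject traversal, absolute paths and anything not whitelisted.
    $errors = array();
    for ( $i = 0; $i < $zip->numFiles; $i++ ) {
        $name = $zip->getNameIndex( $i );
        if ( $name === false || $name === '' ) {
            $errors[] = "entry $i has no readable name";
            continue;
        }
        if ( substr( $name, -1 ) === '/' ) {
            continue; // directory entry
        }
        if ( strpos( $name, '..' ) !== false || $name[0] === '/' || strpos( $name, '\\' ) !== false ) {
            $errors[] = "unsafe path: $name";
            continue;
        }
        // Only the final extension is compared, so "style.css.php" is still rejected.
        $ext = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );
        if ( ! in_array( $ext, $allowed_ext, true ) ) {
            $errors[] = "disallowed file type: $name";
        }
    }
    $zip->close();
    return $errors;
}

// Constructed sample: a "CSS import" that smuggles a web shell and a traversal entry.
$tmp = tempnam( sys_get_temp_dir(), 'imp' );
$zip = new ZipArchive();
$zip->open( $tmp, ZipArchive::OVERWRITE );
$zip->addFromString( 'styles/main.css', 'body{margin:0}' );
$zip->addFromString( 'shell.php', '<?php system($_GET["c"]); ?>' );
$zip->addFromString( '../../wp-config.php', '' );
$zip->close();

foreach ( demo_validate_import_zip( $tmp ) as $problem ) {
    echo $problem, "\n";
}
unlink( $tmp );
```

Validating the archive is necessary but not sufficient: the extracted files should land in a directory where the web server does not execute scripts, since an extension whitelist cannot anticipate every handler mapping (for example a server configured to run `.css` through PHP).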
NVD (added 2020/08/21 4:15 p.m.)

CVE-2020-20633

ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in the GDPR Cookie Consent (cookie-law-info) plugin 1.8.2 and below for WordPress allows authenticated stored XSS and privilege escalation...

CVSS: 5.4 | AI score: 5.3 | EPSS: 0.00894 | Exploits: 1 | References: 1

Cvelist (added 2020/08/21 3:42 p.m.)

CVE-2020-20633

ajax_policy_generator in admin/modules/cli-policy-generator/classes/class-policy-generator-ajax.php in the GDPR Cookie Consent (cookie-law-info) plugin 1.8.2 and below for WordPress allows authenticated stored XSS and privilege escalation...

AI score: 5.2 | EPSS: 0.00894 | Exploits: 1 | References: 1