2 matches found
Quick Cart 6.7 Shell Upload Vulnerability
Quick Cart version 6.7 suffers from a remote shell upload vulnerability provided you have administrative privileges. Title : Authenticated Remote Code Execution & Shell Upload Product : Quick Cart Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window ...
CVE-2023-4819 Shared Files < 1.7.6 - Unauthenticated Stored Cross-Site Scripting
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts...