11 matches found
EUVD-2023-12785
Malicious code in bioql PyPI...
CVE-2023-0768
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
CVE-2023-0768
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
CVE-2023-0768
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
Sql injection
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
CVE-2023-0768
CVE-2023-0768 affects the Avirato hotels online booking engine WordPress plugin (
CVE-2023-0768 Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
CVE-2023-0768 Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
PT-2023-16515 · WordPress · Avirato Hotels Online Booking Engine
Name of the Vulnerable Software and Affected Versions: Avirato hotels online booking engine WordPress plugin versions 5.0.5 and earlier Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which are then used in SQL statements. This could allow...
WordPress plugin Avirato hotels online booking engine SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress Avirato hotels online booking engine Plugin <= 5.0.5 is vulnerable to SQL Injection
Software Avirato hotels online booking engine Type Plugin Vulnerable versions = 5.0.5 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0768 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 529cd2a74d04 Credits István Márton Required...