Linux Distros Unpatched Vulnerability : CVE-2017-14722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. CVE-2017-14722 Note that Nessus...

PT-2021-19534 · Mcafee · Mcafee Database Security

Name of the Vulnerable Software and Affected Versions: McAfee Database Security versions prior to 4.8.2 Description: The issue allows a remote authenticated attacker to gain access to signed SQL scripts that have been marked as deleted or expired within the administrative console. This access is...

phpMyAdmin cross-site scripting vulnerability (CNVD-2018-11976)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in the...

DEBIAN-CVE-2018-12581

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature...

CVE-2017-14725

Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php...