CVE-2024-7030

The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

GLPI 安全漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...

FineCMS设计缺陷导致大面积SQL注入

简要描述： FineCMS设计缺陷导致大面积SQL注入 详细说明： finecms最新版2.3.0，官方2014年4月18号更新。 finecms某功能存在SQL注入，无需登陆，可直接注入获取管理员账号。 此功能在多个模块使用，导致注入大面积爆发。 此漏洞整个MCS都在使用，导致漏洞大面积存在。 文件/FineCMSv2.3.0/dayrui/core/DModule.php： / 模块内容搜索页 / protected function search $this-load-model'searchmodel'; $mod = $this-getcache...

CVE-2011-4300

The filebrowser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensitive information via a request for a file...

PT-2012-1848 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.0 through 2.0.4 Moodle versions 2.1.0 through 2.1.1 Description: The file browser component does not properly restrict access to category and course data, allowing remote attackers to obtain potentially sensitive informati...