EUVD-2017-8725

Malware in sbrugna...

CVE-2024-10108 WPAdverts – Classifieds Plugin <= 2.1.6 - Unauthenticated Stored Cross-Site Scripting via adverts_add Shortcode

The WPAdverts – Classifieds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's advertsadd shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

CVE-2024-37501 WordPress Advanced Classifieds & Directory Pro plugin <= 3.1.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.This issue affects Advanced Classifieds & Directory Pro: from n/a through 3.1.3...

CVE-2024-31350 WordPress AWP Classifieds plugin <= 4.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

WordPress Advanced Classifieds & Directory Pro Plugin <= 3.0.0 is vulnerable to Broken Access Control

Software Advanced Classifieds & Directory Pro Type Plugin Vulnerable versions = 3.0.0 Fixed in 3.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2222 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0df0ba101fff Credits Lucio Sá...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6...

CVE-2023-46207

CVE-2023-46207 describes a Server-Side Request Forgery (SSRF) in the WordPress plugin Motors – Car Dealer, Classifieds & Listing . Public details specify the vulnerability affects plugin versions from n/a through 1.4.6 and is caused by an SSRF flaw in that plugin. A fix exists in version 1.4.7 , ...

CVE-2022-38716

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin = 1.4.4 versions...

CVE-2022-38716

CVE-2022-38716 is a CSRF vulnerability in the Motors – Car Dealer, Classifieds & Listing WordPress plugin (StylemixThemes) affecting versions

CVE-2022-38716 WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin = 1.4.4 versions...

WordPress Classifieds Plugin Plugin for WordPress < 3.0 SQL Injection

The WordPress WordPress Classifieds Plugin Plugin installed on the remote host is affected by an SQL Injection. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

WordPress AWP Classifieds plugin <= 4.2.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress AWP Classifieds plugin versions = 4.2.1. Solution Update the WordPress AWP Classifieds plugin to the latest available version at least 4.3...

WordPress Advanced Classifieds & Directory Pro plugin < 1.8.8 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Advanced Classifieds & Directory Pro plugin versions 1.8.8. Solution Update the WordPress Advanced Classifieds & Directory Pro plugin to the latest available version at least 1.8.8...

BlueCMS suffers from a command execution vulnerability (CNVD-2021-48546)

BlueCMS is a portal system applied to local classified information, the development language architecture is php mysql architecture. BlueCMS has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

classifieds.thetowntalk.com Cross Site Scripting vulnerability OBB-1387768

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel

Bad bots, bad bots, whatcha gonna do? Target e-commerce, the travel industry, media and online marketplaces, that’s what. Those are the top four verticals attacked by bots in the last year, according to data released on Wednesday from Radware, with e-commerce accounting for the most activity. In...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the 1 Forum, 2 Event, and 3 Classifieds plugins in SocialEngine before 4.2.4...

CVE-2012-6721

Multiple cross-site request forgery CSRF vulnerabilities in the 1 Forum, 2 Event, and 3 Classifieds plugins in SocialEngine before 4.2.4...

CVE-2012-6721

CVE-2012-6721 describes multiple CSRF vulnerabilities in the SocialEngine platform, affecting the (1) Forum, (2) Event, and (3) Classifieds plugins when running versions earlier than 4.2.4. The connected documents provide the concrete details: the vulnerable software components are the three Soci...

Joomla Advertisement Board Classifieds 3.2.0 Shell Upload

Title: Advertisement board Joomla classifieds extension 3.2.0 - Remote Shell Upload Vulnerability Credit: Bilal KARDADOU Vendor: http://ordasoft.com/ URL: http://ordasoft.com/advertisement-board-joomla-classifieds-extension Product: 'Advertisement board Joomla classifieds extension 3.2.0'...