20 matches found
CVE-2026-34358
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a broken access control vulnerability where multiple admin controllers enforce permission checks on form display methods but omit equivalent checks on the corresponding write methods, allowing any...
EUVD-2015-9348
Malware in sbrugna...
Wordfence Bug Bounty Researchers: Unlock More Earning Potential With New “Refer A Researcher” Program
Today, we at Wordfence are excited to announce a groundbreaking addition to our Wordfence Bug Bounty Program: the Refer-A-Researcher Program! Refer new researchers to our program and earn commissions when they submit valid vulnerabilities. This is a great opportunity to earn even more with the...
PT-2025-1869 · WordPress · Linear
Name of the Vulnerable Software and Affected Versions: Linear plugin for WordPress versions up to, and including, 2.7.12 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'linear block buy commissions' shortcode due to insufficient input sanitization and output...
The Wordfence Affiliate Program Officially Launches Today
Today, we are officially launching the Wordfence Affiliate Program. If you love securing WordPress and are passionate about helping make the Web a safer place, click here to apply to the program now. This is an exciting opportunity for us to give back to our incredible community who have been...
CVE-2015-9508
The Easy Digital Downloads EDD Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused...
Design/Logic Flaw
The Easy Digital Downloads EDD Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused...
CVE-2015-9508
CVE-2015-9508 concerns the Easy Digital Downloads (EDD) Commissions extension for WordPress. The issue is an XSS vulnerability caused by misuse of the add_query_arg function in multiple versions of the extension: 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2....
CVE-2015-9508
The Easy Digital Downloads EDD Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused...
PT-2019-7467 · WordPress · Easy Digital Downloads (Edd) Commissions Extension
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD Commissions extension for WordPress versions 1.8.x through 1.8.6 Easy Digital Downloads EDD Commissions extension for WordPress versions 1.9.x through 1.9.9 Easy Digital Downloads EDD Commissions extension for...
Ad Network Sizmek Probes Account Breach
Online advertising firm Sizmek Inc. (NASDAQ: SZMK) says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an...
Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability
No description provided by source. ECHOADV89$2008 Softbiz Web Host Directory Script searchresult.php hostid...
Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
No description provided by source. Barter Sites 1.3 Component Joomla SQL Injection & Persistent XSS vulnerabilities Release Date Bug. 28-Oct-2011 Date Added. 01-Oct-2011 Vendor Notification Date. Never Product. Barter Sites Platform. Joomla Affected versions. 1.3 Type. Commercial Price. $99 Attac...
Threat Outbreak Alert: Fake Commissions Statement Notification Email Messages on October 1, 2013
Medium Alert ID: 31085 First Published: 2013 October 1 19:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain a statement pertaining to accrued commissions for the recipient. The text in the email message...
Code injection
Unspecified vulnerability in the Post Affiliate Pro PAP module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors...
CVE-2012-3802
CVE-2012-3802 affects the Drupal Post Affiliate Pro (PAP) contributed module. The issue allows remote authenticated users to read other users’ commissions via unspecified attack vectors, stemming from insufficient input handling/authorization checks described in public advisories. The Drupal SA-C...
CVE-2012-3802
Unspecified vulnerability in the Post Affiliate Pro PAP module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors...
Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities
Barter Sites 1.3 Component Joomla SQL Injection & Persistent XSS vulnerabilities Release Date Bug. 28-Oct-2011 Date Added. 01-Oct-2011 Vendor Notification Date. Never Product. Barter Sites Platform. Joomla Affected versions. 1.3 Type. Commercial Price. $99 Attack Vector. Sql Injection & Persisten...
Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities
Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities Barter Sites 1.3 Component Joomla SQL Injection & Persistent XSS vulnerabilities Release Date Bug. 28-Oct-2011 Date Added. 01-Oct-2011 Vendor Notification Date. Never Product. Barter Sites Platform. Joomla Affected versions. 1.3 Type...
SiteBuilderElite 1.2 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. SiteBuilderElite1.2 Multiple Remote File Inclusion. Author: MhZ91...