21 matches found
EUVD-2020-30798
Malware in sbrugna...
EUVD-2025-25980
Malicious code in bioql PyPI...
CVE-2025-54029
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in extendons WooCommerce csv import export extendons-eo-wooimport-export allows Path Traversal.This issue affects WooCommerce csv import export: from n/a through = 2.0.6...
CVE-2025-54029 WordPress WooCommerce csv import export Plugin <= 2.0.6 - Arbitrary File Deletion Vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in extendons WooCommerce csv import export extendons-eo-wooimport-export allows Path Traversal.This issue affects WooCommerce csv import export: from n/a through = 2.0.6...
CVE-2025-54029
CVE-2025-54029 affects the WordPress plugin WooCommerce csv import export (versions up to 2.0.6). The issue is an improper limitation of a pathname to a restricted directory (path traversal), enabling traversal to arbitrary files. Some sources also describe an Arbitrary File Deletion impact. Reme...
WordPress plugin WooCommerce csv import export 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress plugin AIT CSV import/export 代码问题漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AIT CSV import/export has a code issue vulnerability , the vulnerability stems from the...
CVE-2025-34083
...
WordPress AIT CSV Import Export Unauthenticated Remote Code Execution
The AIT CSV Import/Export plugin use exploit/multi/http/wpaitcsvrce msf exploitwpaitcsvrce show targets ...targets... msf exploitwpaitcsvrce set TARGET msf exploitwpaitcsvrce show options ...show and set options... msf exploitwpaitcsvrce exploit This module requires Metasploit:...
WordPress AIT CSV Import/Export 3.0.3 Shell Upload Exploit
WordPress AIT CSV Import/Export plugin versions 3.0.3 and below allow unauthenticated remote attackers to upload and execute arbitrary PHP code. The upload-handler does not require authentication, nor validates the uploaded content. It may return an error when attempting to parse a CSV, however t...
WordPress AIT CSV Import/Export 3.0.3 Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress AIT CSV Import Export Unauthenticated Remote Code Execution', 'Description' = %q The AIT CSV Import/Export plugin MSFLICENSE, 'Author' ...
CSV Import & Export 1.1.0 - SQL Injection / Cross-Site Scripting Vulnerabilities
Exploit for php platform in category web applications Exploit Title: CSV Import & Export v1.1.0 - SQL Injection / Cross-Site Scripting Exploit Author: Kağan Çapar Contact: email protected Vendor Homepage: https://codecanyon.net/item/csv-import-export/21105509 Version: 1.1.0 Category: Webapps Test...
CSV Import Export 1.1.0 - SQL Injection Cross-Site Scripting
CSV Import Export 1.1.0 - SQL Injection Cross-Site Scripting Exploit Title: CSV Import & Export v1.1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 30.05.2018 Exploit Author: Kağan Çapar Contact: [email protected] Vendor Homepage: https://codecanyon.net/item/csv-import-export/2110550...
CSV Import And Export 1.1.0 Cross Site Scripting / SQL Injection
Exploit Title: CSV Import & Export v1.1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 30.05.2018 Exploit Author: Kagan Capar Contact: [email protected] Vendor Homepage: https://codecanyon.net/item/csv-import-export/21105509 Version: 1.1.0 Category: Webapps Tested on: Kali Linux...
WordPress CSV Import-Export 1.1 Cross Site Scripting
Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote...
Wordpress esb-csv-import-export plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . esb-csv-import-export plugin is used in one of the plug-ins for importing and exporting CSV files . A...
WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability
WordPress CSV Import-Export plugin version 1.1 suffers from a cross site scripting vulnerability. Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripti...
WordPress CSV Import-Export plugin <=1.1.0 - Multiple Cross-Site Scripting (XSS) vulnerabilities
Multiple Cross-Site Scripting XSS vulnerabilities found in WordPress CSV Import-Export plugin versions =1.1.0. Solution Dec 20, 2017 - we were unable to find a patched version of this plugin last updated three years ago. Uninstall or use it at your own risk...
CVE-2017-17753
Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cietype, 2 cieimport, 3 cieupdate, or 4 cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...
CVE-2017-17753
The CVE-2017-17753 entry concerns the WordPress plugin esb-csv-import-export (versions up to 1.1). The vulnerability is an XSS in includes/admin/views/esb-cie-import-export-page.php where the GET parameters cie_type, cie_import, cie_update, and cie_ignore are echoed back to the user without prope...