WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)

A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter. id: CVE-2011-1669 info: name: WP Custom Pages 0.5.0.1 - Local File Inclusion LFI...

Improper Neutralization of Special Elements in Data Query Logic

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the searchCustomPages process. An attacker can access unintended content by submitti...

Improper Neutralization of Special Elements in Data Query Logic

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the searchCustomPages process. An attacker can access unintended content by submitti...

EUVD-2011-1669

Malware in sbrugna...

EUVD-2019-19116

Malware in sbrugna...

EUVD-2007-2620

Malware in sbrugna...

EUVD-2008-6168

Malware in sbrugna...

SUSE CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

MAL-2022-2283 Malicious code in custom-pages-react-boilerplate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4949c8e4aa1b5121f3d6fe2ff897aa6d5368a75a8959d2d9f4b30e9fd68d3a41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

Design/Logic Flaw

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

CVE-2019-9753

OTRS 7.x before 7.0.5 has an information disclosure vulnerability (CVE-2019-9753). An authenticated user (agent or customer) can use search result screens to disclose data from internal entities: Custom Pages, FAQ Articles, Service Catalogue Items, and ITSM Configuration Items. Root cause: inform...

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability

No description provided by source. ------------------------------------------------------------------------ Software................WordPress WP Custom Pages 0.5.0.1 Vulnerability...........Local File Inclusion Threat Level............Critical 4/5...

MyBB Plugin Custom Pages 1.0 - Remote SQL Injection Vulnerability

No description provided by source. MyBulletin Board MyBB Plugin Custom Pages 1.0 - SQL Injection Vulnerability found by: LidlosesAuge Greetz to: free-hack.com Vulnerability: Document: pages.php GET-Parameter: page Dork: inurl:pages.php + intext:powered by mybb Example:...

Empire cms the latest version of the background to get webshell method-vulnerability warning-the black bar safety net

Don't know who did the hair too. Anyway yesterday I get a station of their own. Must share out it!!!! Due to my day that Station is the Empire cms 6.6 the latest version, so the Internet to find some of the methods are failure! Custom pages-added custom page-feel free to write a xxx. php file nam...

WordPress WP Custom Pages Plugin 'url' Parameter Directory Traversal Vulnerability

WordPress WP Custom Pages Plugin is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...