3 matches found
CVE-2016-20077
WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoin...
CVE-2016-20077 WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php
WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoin...
PT-2024-40213 · Unknown +1 · Form Framework +1
Name of the Vulnerable Software and Affected Versions: Form Framework system extension form affected versions not specified Description: The issue concerns Insecure Deserialization in the Form Framework when used with the PHP PECL package yaml. This package can unserialize YAML contents to PHP...