207 matches found
CVE-2020-12130
The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function...
Cross site scripting
The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function...
CVE-2020-12130
CVE-2020-12130 affects the AirDisk Pro app for iOS (version 5.5.3). The vulnerability is a cross-site scripting (XSS) flaw that can be triggered through the deleteFile parameter of the Delete function, as stated across multiple sources. The exact root cause is described as insufficient validation...
welpwn
This is an exploit module for a vulnerability in a binary, targeting a heap-based overflow in a baby heap implementation. The exploit is designed to execute a shell on the vulnerable system. The exploit uses a combination of alloc, show, and delete functions to manipulate the heap and create a...
VulnCheck KEV: CVE-2020-36852
The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazalesdsdeleteentriestablerow function. This makes it...
GPAC code issue vulnerability (CNVD-2020-01651)
GPAC is an open source multimedia framework. A code issue vulnerability exists in the 'GFIPMPXAUTHDelete' function in the odf/ipmpxcode.c file in GPAC versions 0.8.0 and 0.9.0-development-20191109, which arises from a network system or product The vulnerability stems from an improper design or...
CVE-2017-18366
Subrion CMS 4.1.5 has CSRF in blog/delete/...
Cross site request forgery (CSRF)
An issue was discovered in creditease-sec insight through 2018-09-11. userdelete in srcpm/app/admin/views.py allows CSRF...
ThinkCMF SQL Injection Vulnerability (CNVD-2019-07959)
ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A SQL injection vulnerability exists in the delete function in SlideController.class.php in ThinkCMF X2.2.2, which can be exploited by users with administrator privileges via the ids parameter in the slide operation...
Default credentials
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-20227)
ThinkPHP is an open source, lightweight PHP-based web application development framework. A SQL injection vulnerability exists in the 'delete' function in ThinkPHP version 5.1.24. A remote attacker can exploit this vulnerability by controlling the value of the query parameter to delete a user...
SQL injection
In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request...
Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site
UPDATE— WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control over affected websites. You are recommended to install the latest available version of WordPress as soon as possible. Last week we received a tip about an...
CVE-2018-1000556
WordPress version 4.8+ contains a cross-site scripting (XSS) vulnerability in plugins.php or core WordPress, in the delete function, that can result in an attacker performing client-side attacks ranging from stealing a cookie to code injection. This attack appears to be exploitable via an attacke...
UBUNTU-CVE-2018-1000556
WordPress version 4.8+ contains a cross-site scripting (XSS) vulnerability in plugins.php or core WordPress, in the delete function, that can result in an attacker performing client-side attacks ranging from stealing a cookie to code injection. This attack appears to be exploitable via an attacke...
Cross site scripting
WordPress version 4.8+ contains a cross-site scripting (XSS) vulnerability in plugins.php or core WordPress, in the delete function, that can result in an attacker performing client-side attacks ranging from stealing a cookie to code injection. This attack appears to be exploitable via an attacke...
CVE-2017-1002009
Vulnerability in the WordPress plugin Membership Simplified v1.58: the code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function...
Design/Logic Flaw
The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an eladmincategories deletebulk action...