15 matches found
EUVD-2024-52872
Malicious code in bioql PyPI...
CVE-2024-55972
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chriscarvache eTemplates etemplates allows SQL Injection. This issue affects eTemplates: from n/a through <= 0.2.1...
WordPress eTemplates 0.2.1 SQL Injection Vulnerability
CVE-2024-55972 eTemplates <= 0.2.1 - Unauthenticated SQL Injection. Description: The eTemplates plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 0.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
CVE-2024-55972
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chriscarvache eTemplates etemplates allows SQL Injection. This issue affects eTemplates: from n/a through <= 0.2.1...
CVE-2024-55972
CVE-2024-55972 is an SQL injection vulnerability in eTemplates (WordPress plugin). The issue arises from improper neutralization of input elements used in SQL commands, allowing unauthenticated injection into the database. Affected versions are reported as eTemplates from n/a up to 0.2.1. Current...
CVE-2024-55972 WordPress eTemplates plugin <= 0.2.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chriscarvache eTemplates etemplates allows SQL Injection. This issue affects eTemplates: from n/a through <= 0.2.1...
CVE-2024-55972 WordPress eTemplates plugin <= 0.2.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Chris Carvache eTemplates allows SQL Injection. This issue affects eTemplates: from n/a through 0.2.1...
PT-2024-36624 · Unknown · Etemplates
Name of the Vulnerable Software and Affected Versions: eTemplates versions 0.2.1 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem can be exploited to inject SQL code, potentially leading t...
WordPress plugin eTemplates SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress eTemplates plugin <= 0.2.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin eTemplates versions <= 0.2.1...
UNA 10.0.0 RC1 - (polyglot.php) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-1480...
UNA 10.0.0 RC1 Cross Site Scripting
Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-14804 UNA-v.10.0.0-RC1 Stored XSS...
UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting
Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-14804 UNA-v.10.0.0-RC1 Stored XSS...
CVE-2019-14804
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing...
CVE-2019-14804
The CVE-2019-14804 issue affects UNA 10.0.0-RC1, where a stored Cross-Site Scripting (XSS) vulnerability exists in studio/polyglot.php?page=etemplates via the Emails templates when editing the System Name field. The root cause, as described by CNVD, is a lack of proper validation of client-side d...