Lucene search
+L

15 matches found

Veracode
Veracode
added 3 days ago8 views

Cross-site Scripting (XSS)

EasyAdmin is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient restrictions on uploaded file types and serving uploaded files inline from the public web root, which allows an attacker to upload malicious HTML or SVG files that execute JavaScript in an administrator'...

5.3AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-38079

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.6 views

CVE-2023-33929

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...

5.9CVSS5.6AI score0.00366EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/09/18 12:0 a.m.25 views

Easy Admin Menu <= 1.3 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00366EPSS
Exploits0
OSV
OSV
added 2023/08/30 1:15 p.m.4 views

CVE-2023-33929

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...

4.8CVSS7.3AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2023/08/30 1:15 p.m.21 views

CVE-2023-33929

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...

5.9CVSS5.4AI score0.00366EPSS
Exploits0References1
Prion
Prion
added 2023/08/30 1:15 p.m.20 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...

4.3CVSS4.8AI score0.00366EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/30 12:52 p.m.92 views

CVE-2023-33929

CVE-2023-33929 : A stored Cross-Site Scripting (XSS) vulnerability exists in the WordPress plugin Easy Admin Menu by Joaquín Ruiz, affecting versions 1.3 or apply vendor-provided mitigation if available. If upgrading is not possible, monitor for updates from the plugin vendor and affected sites.

5.9CVSS5AI score0.00366EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.3 views

WordPress plugin easy-admin-menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.3AI score0.00366EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/23 12:0 a.m.13 views

WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Easy Admin Menu Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33929 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d28d5c2d98dc Credits Rio Darmawan Required...

5.9CVSS5.7AI score0.00366EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

smbind <= 0.4.7 - SQL Injection Vulnerability

No description provided by source. smbind = v.0.4.7 Sql Injection Site: https://sourceforge.net/projects/smbind/files/ Reported on 28/08/2010 Author: IHTeam Buggy code: ifisset$POST'username' && isset$POST'password' if!filteralphanum, $POST'username' or !filteralphanum, $POST'password' dieUsernam...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/03 12:0 a.m.26 views

smbind 0.4.7 - SQL Injection

smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password field: anything Sql query will result like this: SELECT ID FROM users WHERE username = 'admin'; ' A...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/09/03 12:0 a.m.13 views

smbind 0.4.7 - SQL Injection

smbind 0.4.7 - SQL Injection smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password field: anything Sql query will result like this: SELECT ID FROM users...

8.6AI score
Exploits0
0day.today
0day.today
added 2010/09/03 12:0 a.m.28 views

smbind <= v.0.4.7 Sql Injection Vulnerability

Exploit for php platform in category web applications ============================================= smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/09/03 12:0 a.m.30 views

SMBind 0.4.7 SQL Injection

smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password field: anything Sql query will result like this: SELECT ID FROM users WHERE username = 'admin'; ' A...

7.4AI score
Exploits0
Rows per page
Query Builder