Lucene search
+L

7 matches found

ptsecurity
ptsecurity
added 2024/08/12 12:0 a.m.3 views

PT-2024-37887 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin for WordPress versions up to, and including, 3.18 Description: The issue arises from missing file type validation involving the mla-inline-edit-upload-scripts AJAX action. This allows authenticated attackers wit...

8.8CVSS7.9AI score0.01296EPSS
Exploits0References13
cvelist
cvelist
added 2022/09/21 7:9 p.m.45 views

CVE-2022-40217 WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Edit/Upload vulnerability

Authenticated admin+ Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin = 2.6 at WordPress...

6.5CVSS7.2AI score0.00845EPSS
Exploits0References2
atlassian
atlassian
added 2019/02/14 8:50 p.m.32 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00904EPSS
Exploits0
atlassian
atlassian
added 2019/02/14 8:50 p.m.178 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00904EPSS
Exploits0Affected Software1
atlassian
atlassian
added 2019/02/14 8:39 p.m.146 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00904EPSS
Exploits0Affected Software1
atlassian
atlassian
added 2019/02/14 8:39 p.m.40 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00904EPSS
Exploits0
cnvd
cnvd
added 2018/09/18 12:0 a.m.4 views

LG SuperSign CMS File Upload Vulnerability

LG SuperSign CMS is a content management system for LG webOS from the Luckin LG Group in Korea. The system supports connection to external databases and allows access to the server from mobile devices. A file upload vulnerability exists in LG SuperSign CMS, which can be exploited by an attacker...

9.8CVSS9.5AI score0.19587EPSS
Exploits1References1
Rows per page
Query Builder