CVE-2019-25727

The CVE-2019-25727 entry describes an Arbitrary File Download vulnerability in WordPress Plugin ad manager wd 1.0.11. An unauthenticated attacker can target the edit.php endpoint by supplying export=export_csv and a malicious path parameter to read sensitive files accessible to the web server (e....

CVE-2025-13528 Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter

The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handleexport' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or...

CVE-2025-13528 Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter

The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handleexport' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or...

CVE-2022-50589

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code...

EUVD-2012-1149

Malware in sbrugna...

Razer Synapse 3 安全漏洞

Razer Synapse 3 is a software application from the American company Razer, Inc. cloud-based unified hardware configuration tool. A security vulnerability exists in Razer Synapse 3 version v.3.9.131.20813 and Synapse 3 App v.20240213, which originated from a vulnerability that allows a local...

PT-2024-39583 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress versions up to, and including, 3.0.9 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows...

Cross-site Scripting (XSS)

zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation of the 'Exportfile' parameter value in the view export export.php...

DEBIAN-CVE-2012-1115

A Cross-Site Scripting XSS vulnerability exists in LDAP Account Manager LAM Pro 3.6 in the export, addvalueform, and dn parameters to cmd.php...

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists in LDAP Account Manager LAM Pro 3.6 in the export, addvalueform, and dn parameters to cmd.php...

UBUNTU-CVE-2018-19799

Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS...

CVE-2012-1028

Cross-site scripting XSS vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parameter...

CVE-2012-1028

Cross-site scripting XSS vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parameter...