11 matches found
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...
EUVD-2024-35440
Malicious code in bioql PyPI...
CVE-2020-13640
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. No 7.x versions are affected...
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action. Recent assessments: noraj at June 25, 2021 8:12am UTC reported: This...
PT-2020-15645 · Gvectors · Wpdiscuz
Name of the Vulnerable Software and Affected Versions: gVectors wpDiscuz plugin versions 7.0 through 7.0.4 Description: A Remote Code Execution issue exists, allowing unauthenticated users to upload any type of file, including PHP files, via the wmuUploadFiles AJAX action. Recommendations: For...
WordPress gVectors wpDiscuz Plugin SQL Injection (CVE-2020-13640)
An SQL injection vulnerability exists in WordPress gVectors wpDiscuz Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress gVectors wpDiscuz plugin SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. gVectors wpDiscuz is a responsive commenting plugin with real-time discussion functionality that is used in... A SQL injecti...
CVE-2020-13640
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. No 7.x versions are affected...
CVE-2020-13640
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. No 7.x versions are affected...