Lucene search
K

34 matches found

Cvelist
Cvelist
added 2025/01/16 8:6 p.m.20 views

CVE-2025-23665 WordPress RSV GMaps plugin <= 1.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ravi Kumar Vanukuru RSV GMaps rsv-google-maps allows Stored XSS.This issue affects RSV GMaps: from n/a through = 1.5...

7.1CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/16 8:6 p.m.13 views

CVE-2025-23665 WordPress RSV GMaps plugin <= 1.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rapid Sort RSV GMaps allows Stored XSS.This issue affects RSV GMaps: from n/a through 1.5...

7.1CVSS6.8AI score0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.4 views

WordPress GMAPS for WPBakery Page Builder Free Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin GMAPS for WPBakery Page Builder Free versions = 1.2...

6.5CVSS5.8AI score0.00354EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.5 views

WordPress plugin RSV GMaps 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS8.3AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/16 12:0 a.m.4 views

PT-2025-5081 · Wpbakery · Gmaps For Wpbakery Page Builder

Name of the Vulnerable Software and Affected Versions: GMAPS for WPBakery Page Builder Free versions n/a through 1.2 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can...

6.5CVSS9.1AI score0.00354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/21 12:0 a.m.5 views

PT-2024-39689 · WordPress · Phlox

Name of the Vulnerable Software and Affected Versions: Phlox theme plugin for WordPress versions up to, and including, 2.16.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's aux contact box and aux gmaps shortcodes due to insufficient input sanitization and outpu...

6.4CVSS7.9AI score0.00315EPSS
Exploits0References9
OSV
OSV
added 2024/05/02 5:15 p.m.4 views

CVE-2024-3341

The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'auxgmaps' shortcode in all versions up to, and including, 2.15.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

5.4CVSS5.9AI score0.00543EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2016/07/02 3:30 a.m.10 views

qlock.com XSS vulnerability

Open Bug Bounty ID: OBB-163367 Description| Value ---|--- Affected Website:| qlock.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/12/06 4:47 a.m.10 views

dealfever.ro XSS vulnerability

Vulnerable URL: http://www.dealfever.ro/plugins/gmaps.php?address=str%20Guliei%20184,%20bl%208,%20Crevedia,%20DB=National=Romania〈=25.9132075'%22%26%25prompt'XSSPOSED'...

6.9AI score
Exploits0
Prion
Prion
added 2007/08/01 4:17 p.m.14 views

Sql injection

SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...

7.5CVSS8.7AI score0.01217EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/08/01 4:17 p.m.16 views

CVE-2007-4128

SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...

7.5CVSS8.3AI score0.01217EPSS
Exploits0References6
CVE
CVE
added 2007/08/01 4:0 p.m.50 views

CVE-2007-4128

The CVE-2007-4128 entry concerns the Firestorm Technologies GMaps (com_gmaps) 1.00 Joomla! component. Multiple sources confirm a SQL injection vulnerability in index.php where the mapId parameter used in the viewmap action allows remote attackers to manipulate database queries. The underlying iss...

7.5CVSS8.3AI score0.01217EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/08/01 4:0 p.m.19 views

CVE-2007-4128

SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...

8.3AI score0.01217EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2007/08/01 12:0 a.m.39 views

GMaps Component for Joomla! 'mapId' Parameter SQLi

The version of the GMaps component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the classes/gmapdao.class.php script due to improper sanitization of user-supplied input to the 'mapId' parameter before using it to construct database queries in the getMap...

7.5CVSS5.9AI score0.01217EPSS
Exploits0References2
Rows per page
Query Builder