27 matches found

NVD
added 2024/11/21 11:15 a.m. | 3 views

CVE-2024-11409

The Grid View Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input from csallphotosdetails parameter. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a...

CVSS 7.2 | EPSS 0.00803
Exploits: 0 | References: 2
CVE
added 2024/11/21 2:6 a.m. | 37 views

CVE-2024-11409

The Grid View Gallery WordPress plugin (versions

CVSS 7.2 | AI score 7 | EPSS 0.00803
Exploits: 0 | References: 2
CNNVD
added 2024/11/21 12:0 a.m. | 1 views

WordPress plugin Grid View Gallery code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in WordPres...

CVSS 7.2 | AI score 8 | EPSS 0.00803
Exploits: 0 | References: 1
Patchstack
added 2024/11/20 9:38 p.m. | 1 views

WordPress Grid View Gallery plugin <= 1.0 - Authenticated (Editor+) PHP Object Injection vulnerability

Authenticated Editor+ PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Plugin Grid View Gallery versions = 1.0...

CVSS 7.2 | AI score 7.3 | EPSS 0.00803
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack
added 2024/11/20 12:0 a.m. | 10 views

WordPress Grid View Gallery Plugin <= 1.0 is vulnerable to PHP Object Injection

Software Grid View Gallery Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-11409 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID ccd9bf1d982e Credits Francesco Carlucci Required privilege...

CVSS 7.2 | AI score 6.8 | EPSS 0.00803
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2024/03/06 11:10 a.m. | 9 views

BIT-TYPO3-2021-32669

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

CVSS 6.4 | AI score 5.4 | EPSS 0.00374
Exploits: 0 | References: 2
NVD
added 2021/07/20 4:15 p.m. | 10 views

CVE-2021-32669

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

CVSS 6.4 | EPSS 0.00374
Exploits: 0 | References: 2
Prion
added 2021/07/20 4:15 p.m. | 18 views

Cross site scripting

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

CVSS 3.5 | AI score 5.2 | EPSS 0.00374
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2021/07/20 3:35 p.m. | 12 views

CVE-2021-32669 Cross-Site Scripting in Backend Grid View

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

CVSS 6.4 | AI score 6.2 | EPSS 0.00374
Exploits: 0 | References: 2
Friends Of PHP
added 2021/07/20 9:14 a.m. | 17 views

TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-011...

CVSS 6.4 | AI score 7.2 | EPSS 0.00374
Exploits: 0 | Affected Software: 1
Friends Of PHP
added 2021/07/20 9:14 a.m. | 25 views

TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-011...

CVSS 6.4 | AI score 7.2 | EPSS 0.00374
Exploits: 0 | Affected Software: 1
CNNVD
added 2021/07/20 12:0 a.m. | 3 views

TYPO3 cross-site scripting vulnerability

TYPO3 is a free and open source content management system framework (CMS/CMF) from the TYPO3 Association in Switzerland. TYPO3 suffers from a cross-site scripting vulnerability that stems from the fact that when the settings of the back-end layout are not properly coded, the corresponding grid...

CVSS 6.4 | AI score 4.8 | EPSS 0.00374
Exploits: 0 | References: 5
Typo3
added 2021/07/20 12:0 a.m. | 16 views

Cross-Site Scripting in Backend Grid View

Failing to properly encode settings for backend layouts, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability...

CVSS 3.5 | AI score 2.8 | EPSS 0.00374
Exploits: 0 | Affected Software: 1
NVD
added 2015/09/08 3:59 p.m. | 17 views

CVE-2015-1841

The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view...

CVSS 3.7 | AI score 6.2 | EPSS 0.00054
Exploits: 0 | References: 2
Cvelist
added 2015/09/08 3:0 p.m. | 19 views

CVE-2015-1841

The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view...

AI score 6.2 | EPSS 0.00054
Exploits: 0 | References: 2
NVD
added 2013/07/16 2:8 p.m. | 12 views

CVE-2013-4117

Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter...

CVSS 4.3 | AI score 5.8 | EPSS 0.11755
Exploits: 0 | References: 7
Prion
added 2013/07/16 2:8 p.m. | 12 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter...

CVSS 4.3 | AI score 6.2 | EPSS 0.11755
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2013/07/16 10:0 a.m. | 16 views

CVE-2013-4117

Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter...

AI score 5.8 | EPSS 0.11755
Exploits: 0 | References: 7
CVE
added 2013/07/16 10:0 a.m. | 62 views

CVE-2013-4117

The WordPress plugin Category Grid View Gallery version 2.3.1 contains a cross-site scripting (XSS) vulnerability in includes/CatGridPost.php that can be triggered via the ID parameter. The underlying issue is insufficient input validation allowing arbitrary script/HTML to be injected into a user...

CVSS 4.3 | AI score 6 | EPSS 0.11755
Exploits: 0 | References: 7 | Affected Software: 1
securityvulns
added 2013/07/08 12:0 a.m. | 49 views

WordPress category-grid-view-galler plugin Cross-Site Scripting Vulnerabilities

The WordPress category-grid-view-galler plugin suffers from a Cross-Site Scripting vulnerability. Iranian Exploit DataBase http://exploit.iedb.ir Exploit Title : WordPress category-grid-view-galler plugin Cross-Site Scripting Vulnerabilities Author : Iranian Exploit DataBase Discovered By : IeDb...

AI score 0.3
Exploits: 0