5 matches found
Ghost CMS 5.42.1 - Path Traversal
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.42.1 - Path Traversal Date: 2023-06-15 Exploit Author:ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1 """ import requests import s...
WordPress Everest Forms Plugin <= 3.2.2 is vulnerable to PHP Object Injection
Software Everest Forms Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.2.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-52709 Patch priority High CVSS severity High 9.8 Developer Everest Forms PSID ed6f018dd59f Credits Phat RiO - BlueRock Required privilege...
WordPress Zita Theme <= 1.6.5 is vulnerable to Local File Inclusion
Software Zita Type Theme Vulnerable versions = 1.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-52816 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 948a42c80224 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity Requir...
CVE-2023-22521
This High severity RCE Remote Code Execution vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality,...
PT-2024-9698 · Microsoft +5 · Edge +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 131.0.6778.204 Microsoft Edge affected versions not specified Description: A use after free issue in the Compositing component of Google Chrome and Microsoft Edge could allow a remote attacker to potentially...