5 matches found
CVE-2023-51647
Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...
WordPress Media Library Assistant plugin <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action vulnerability
Authenticated Author+ Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action vulnerability discovered by wesley wcraft in WordPress Plugin Media LIbrary Assistant versions = 3.18...
PT-2024-37887 · WordPress · Media Library Assistant
Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin for WordPress versions up to, and including, 3.18 Description: The issue arises from missing file type validation involving the mla-inline-edit-upload-scripts AJAX action. This allows authenticated attackers wit...
PT-2024-14223 · Allegra · Allegra
Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this issue, the existing authentication...
DEBIAN-CVE-2011-3592
Multiple cross-site scripting XSS vulnerabilities in the PMAunInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a 1 database name, 2 table name, or 3 column name that is not properly handled after an...