CVE-2020-25087

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advancedsettings/languages.php...

PT-2024-37569 · Wbw · The Product Table

Name of the Vulnerable Software and Affected Versions: The Product Table by WBW plugin for WordPress version 2.0.1 and earlier Description: The issue is related to Remote Code Execution due to missing authorization and lack of sanitization of appended data in the languages/customTitle.php file...

Piwigo Remote File Inclusion Vulnerability

Piwigo is a photo album script written in PHP. A security vulnerability exists in the admin/languages.php implementation in versions prior to Piwigo 2.8.3, where a remote administrator user passes the tab parameter and the executable file contains an attack...

PT-2009-2347 · Zen Cart · Zen Cart

Name of the Vulnerable Software and Affected Versions: Zen Cart versions 1.3.8a, 1.3.8, and earlier Description: A directory traversal issue exists in the admin/includes/languages/english.php file, allowing remote attackers to include and execute arbitrary local files via a .. dot dot in the...