10 matches found
CVE-2024-1044
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
MKCMS official version suffers from SQL injection vulnerability (CNVD-2021-16407)
MKCMS is a free and open source PHP web content management system developed by Yakun Technology. MKCMS official version of the existence of SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information in the database...
MKCMS official version suffers from SQL injection vulnerability (CNVD-2021-16408)
MKCMS is a free and open source PHP web content management system developed by Yakun Technology. MKCMS official version of the existence of SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information in the database...
Download official version of Tor browser on Android devices
By Uzair Amir Tor Browser for Android has been officially launched with tons of privacy-focused features. Privacy enthusiasts have every reason to rejoice as the world’s most famous privacy-focused browser Tor browser is now available for Android. So far, it was only available in Beta version and...
DuoDuoRebate duoduocms V8.3_UTF8_20180131 official version has SQL injection vulnerability (CNVD-2018-09451)
DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. DuoDuoRebate duoduocms V8.3UTF820180131 official version of the existence of SQL injection vulnerability. The vulnerability stems from the system on the parameters of the...
SQL Injection Vulnerability in Duoduocms V8.3_UTF8_20180131 Official Version (CNVD-2018-09450)
DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. Dodo rebate duoduocms V8.3UTF820180131 official version of the existence of SQL injection vulnerability. The vulnerability stems from the system on the parameters of the...
SQL Injection Vulnerability in ShopsN v2.2.5 Official Version
ShopsN Mall system is a product of Shanghai Yiso Network Technology Co., Ltd, an enterprise-class commercial standard full-featured allow free commercial use of the open source online store full network system. ShopsN v2.2.5 official version of the AppUploadController.class.php page SQL injection...
Bernard guestbook 4. 1 official version upload vulnerability-vulnerability warning-the black bar safety net
Bernard guestbook 4. 1 official version,post a comment upload attachments can upload directly the ASP implementation file. 'If Action="addsave" Then KeywordsFilterFilterKeyWord Dim RequestU,intCount,i,formName,FileSavePath,FileSaveName,uploadsDirVar RelatePath="" FileSavePath="./...
emlog 4.1.0 敏感信息泄漏漏洞
emlog是一款基于PHP和MySQL平台的功能强大的个人博客系统blog,该版本存在敏感信息泄漏的漏洞。 泄露作者名称: http://site/content/cache/user 泄露配置信息 http://site/content/cache/options 漏洞证明 修复方案: 升级最新官方版本,官方链接:www.emlog.net...
ESCMS vulnerability website system 0day-vulnerability warning-the black bar safety net
Version:ESCMS V1. 0 SP1 Build 1 1 2 5 Background login authentication is through the admin/check. asp achieved,look at the code % if Request. cookiesCookiesKey"ESadmin"="" then 'Note that here Oh,he is by COOKIE validation ESadmin is empty,we can forge a value,called he is not empty 'CookiesKey i...