6 matches found
PHP-Code-For-Unlimited-File-Upload 代码注入漏洞
PHP-Code-For-Unlimited-File-Upload is a software used for multiple file transfers by the individual developer Lokesh Kumar. A code injection vulnerability exists in PHP-Code-For-Unlimited-File-Upload, which stems from the incorrect manipulation of the parameter h in the file /f.php, which could...
CVE-2025-8568
The GMap Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘h’ parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
PT-2025-32618 · WordPress · Gmap Generator
Name of the Vulnerable Software and Affected Versions: GMap Generator plugin for WordPress versions up to and including 1.1 Description: The GMap Generator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the h parameter. Insufficient input sanitization and output escapi...
DEBIAN-CVE-2016-3623
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero by setting the 1 v or 2 h parameter to 0...
ALPINE-CVE-2016-3623
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero by setting the 1 v or 2 h parameter to 0...
ATutor Cross-Site Scripting Vulnerability
ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. ATutor 2.2 and previous versions of cross-site scripting vulnerability , the vulnerability stems from...