CVE-2017-20180

A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the function CoinSpend::CoinSpend of the file CoinSpend.cpp of the component Proof Handler. The manipulation leads to insufficient verification of data authenticity. Continious delivery with rolling release...

CVE-2017-20174

A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is know...

CVE-2017-20170

A vulnerability was found in ollpu parontalli. It has been classified as critical. Affected is an unknown function of the file httpdocs/index.php. The manipulation of the argument s leads to sql injection. The patch is identified as 6891bb2dec57dca6daabc15a6d2808c8896620e5. It is recommended to...

CVE-2019-14654

In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9...

CVE-2015-10075

A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...

CVE-2015-10127

A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this...

CVE-2015-10032

A vulnerability was found in HealthMateWeb. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file createaccount.php. The manipulation of the argument username/password/firstname/lastname/company/phone leads to cross site scripting. The attack...

CVE-2018-1999017

Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery SSRF vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath$url that can result in an authenticated admin users requesting arbitrary URL's, pivoting requests through the server. This attack appear...

CVE-2015-10007

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in 82Flex WEIPDCRM and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

CVE-2015-10061

A vulnerability was found in evandro-machado Trabalho-Web2. It has been classified as critical. This affects an unknown part of the file src/java/br/com/magazine/dao/ClienteDAO.java. The manipulation leads to sql injection. The patch is named f59ac954625d0a4f6d34f069a2e26686a7a20aeb. It is...

CVE-2017-20195

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2015-10124

A vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been classified as critical. Affected is the function addviews/showviews of the file functions.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to...

CVE-2015-10077

A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched...

CVE-2015-10050

A vulnerability was found in brandonfire miRNADatabasebyPHPMySql. It has been declared as critical. This vulnerability affects the function construct/selectsinglerna/countrna of the file inc/model.php. The manipulation leads to sql injection. The patch is identified as...

CVE-2015-10089

A vulnerability classified as problematic has been found in flame.js. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases...

CVE-2014-125071

A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected is the function messageReceived of the file src/gribbit/request/HttpRequestHandler.java. The manipulation leads to missing origin validation in websockets. The name of the patch is...

CVE-2013-10012

A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to...

CVE-2010-10003

A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugincontenttitle.php. The manipulation of the argument phrase leads to sql injection. The patch is named...

PT-2025-22484 · Unknown · Campcodes Online Shopping Portal

Name of the Vulnerable Software and Affected Versions: Campcodes Online Shopping Portal version 1.0 Description: A critical issue has been found in the software, affecting an unknown part of the file /admin/edit-subcategory.php. The manipulation of the Category argument leads to SQL injection. It...

CVE-2007-10003

A vulnerability, which was classified as critical, has been found in The Hackers Diet Plugin up to 0.9.6b on WordPress. This issue affects some unknown processing of the file ajaxblurb.php of the component HTTP POST Request Handler. The manipulation of the argument user leads to sql injection. Th...