Lucene search
K

712 matches found

BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.7 views

The vulnerability of the phar_get_entry_data function in the PHP programming language allows a attacker to cause a service failure or potentially cause other effects.

The vulnerability of the phargetentrydata function in the PHP language interpreter is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause service failures or potentially cause other adverse effects...

6.8CVSS7.4AI score0.10288EPSS
Exploits0References15Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.8 views

The vulnerability of the exif_process_user_comment function (ext/exif/exif.c) in the PHP programming language allows a hacker to cause a service failure.

The vulnerability of the exifprocessusercomment function ext/exif/exif.c in the PHP programming language is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.1CVSS7.2AI score0.03907EPSS
Exploits1References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.9 views

The vulnerability of the http_header_value function (ext/standard/http_fopen_wrapper.c) in the PHP programming language allows a attacker to cause a service failure.

The vulnerability of the httpheadervalue function ext/standard/httpfopenwrapper.c in the PHP programming language is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

7.8CVSS7.2AI score0.03185EPSS
Exploits1References5Affected Software2
CNVD
CNVD
added 2022/04/21 12:0 a.m.15 views

WordPress VikBooking Hotel Booking Engine & PMS plugin信息泄露漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress VikBooking Hotel...

5.3CVSS1.7AI score0.01047EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.5 views

The vulnerability of the exif_process_ifd_in_tiff function in the PHP programming language allows attackers to disclose protected information.

The vulnerability of the exifprocessifdintiff function ext/exif/exif.c in the PHP programming language is related to the disclosure of protected information. Exploiting this vulnerability could allow an attacker to disclose protected information remotely...

5.3CVSS6.8AI score0.07767EPSS
Exploits1References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.3 views

The vulnerability of the ext/mysqlnd/mysqlnd_wireprotocol.c component of the PHP programming language interpreter allows a attacker to cause a service failure or potentially have other adverse effects.

The vulnerability of the ext/mysqlnd/mysqlndwireprotocol.c component of the PHP programming language interpreter is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to cause service failures or potentially other adverse effects...

9.3CVSS7.9AI score0.0885EPSS
Exploits1References11Affected Software3
CNVD
CNVD
added 2022/04/13 12:0 a.m.14 views

WordPress Nimble Page Builder plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Nimble Page Builder plugin version 3.2.2 before the cross-site scripting vulnerability, an attacker can use the vulnerabilit...

6.1CVSS2.1AI score0.00788EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.7 views

The vulnerability of implementing a isolated programming environment for PHP Smarty’s template processors allows attackers to circumvent the restrictions of an isolated programming environment.

The vulnerability of implementing a isolated programming environment for PHP Smarty’s template handlers is related to deficiencies in access control during the processing of the $smarty.templateobject object. Exploiting this vulnerability allows an attacker to circumvent the restrictions of an...

7.8CVSS6.5AI score0.09436EPSS
Exploits1References7Affected Software3
CNVD
CNVD
added 2022/04/11 12:0 a.m.10 views

WordPress WP Downgrade plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress WP Downgrade plugin version before 1.2.3 has a cross-site scripting vulnerability, which can be exploited by attackers to...

4.8CVSS3.3AI score0.04782EPSS
Exploits4References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.14 views

WordPress PS PHPCaptcha WP Input Validation Error Vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. An input validation vulnerability exists in the WordPress PS PHPCaptcha WP plugin, which stems from the...

9.8CVSS2AI score0.02523EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/30 12:0 a.m.28 views

WordPress Limit Login Attempts (Spam Protection) plugin SQL Injection Vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A SQL injection vulnerability exists in the WordPress Lim...

9.8CVSS7.8AI score0.08852EPSS
Exploits2References1
CNVD
CNVD
added 2022/03/30 12:0 a.m.17 views

WordPress Translate WordPress with GTranslate plugin跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Translate WordPress with GTranslate plugin version 2.9.9 is vulnerable to cross-site request forgery. The vulnerability...

8.8CVSS2.5AI score0.00602EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/03/29 12:0 a.m.3 views

Pluck 跨站请求伪造漏洞

Pluck is a content management system CMS developed using the PHP language. A cross-site request forgery vulnerability exists in Pluck CMS version 4.7.15, which stems from The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user...

8.8CVSS7.8AI score0.00554EPSS
Exploits0References4
CNVD
CNVD
added 2022/03/16 12:0 a.m.21 views

WordPress Patreon plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. Cross-site scripting vulnerabilities exist in versions of the WordPress Patreon plugin prior to 1.8.2, which stem from the plugin's failu...

5.5CVSS1.2AI score0.00689EPSS
Exploits2References1
CNVD
CNVD
added 2022/03/16 12:0 a.m.16 views

WordPress Team Circle Image Slider With Lightbox plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Team Circle Image Slider With Lightbox...

6.1CVSS1.1AI score0.00788EPSS
Exploits2References1
CNVD
CNVD
added 2022/02/23 12:0 a.m.13 views

WordPress Survey Maker plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Survey Maker plugin 2.0.6 and previous versions have a cross-site scripting vulnerability, which can be exploited by attacke...

6.1CVSS2.4AI score0.0082EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.13 views

Elite Graphix Elite Cms SQL Injection Vulnerability (CNVD-2022-33824)

Elite Graphix Elite Cms is a web content management written in Php language from Elite Graphix India. platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL...

9.8CVSS3.9AI score0.01096EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.14 views

Elite Graphix Elite Cms SQL注入漏洞

Elite Graphix Elite Cms is a web content management written in Php language from Elite Graphix India. platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

9.8CVSS4.1AI score0.01096EPSS
Exploits1References1
Gitee
Gitee
added 2022/01/25 4:48 p.m.5 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Cheng, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.2AI score
Exploits0
CNVD
CNVD
added 2022/01/18 12:0 a.m.16 views

WordPress WP Booking System plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress WP Booking System plugin has a cross-site scripting vulnerability in versions prior to 2.0.15...

5.4CVSS1.7AI score0.00675EPSS
Exploits2References1
Rows per page
Query Builder