712 matches found
WordPress 竞争条件问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. A security vulnerability exists in WordPress Autoptimize plugin versions prior to 2.7.8, which allows an...
WordPress FlightLo plugin SQL Injection Vulnerability
WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an application plugin for WordPress. A SQL injection vulnerability exists in WordPress FlightLo plug...
Remote code execution in zendframework and laminas-http
Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...
GHSA-XX8F-QF9F-5FGW Remote code execution in zendframework and laminas-http
Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...
WordPress plugin cross-site scripting vulnerability (CNVD-2021-44296)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . Funnel Builder by CartFlows - Create High Converting Sale...
Joomla! cross-site request forgery vulnerability (CNVD-2021-38295)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site request forgery vulnerability exists in the AJAX reordering endpoint...
WordPress plugin cross-site request forgery vulnerability (CNVD-2021-37475)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . 404 SEO Redirection Cross-site request forgery...
WordPress plugin cross-site scripting vulnerability (CNVD-2021-37474)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in version 1....
WordPress plugin cross-site scripting vulnerability (CNVD-2021-39959)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in Happy Addo...
WordPress plugin cross-site scripting vulnerability (CNVD-2021-36524)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the...
WordPress plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in versions o...
WordPress WPBakery Page Builder Clipboard Plugin Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress WPBakery Page Builder Visual Composer...
SKYUC video-on-demand system has SQL injection vulnerability
SKYUC video on demand system is a theater solution built using PHP language and MYSQL database. SKYUC Video-on-Demand System suffers from SQL injection vulnerability. Attackers can use the vulnerability to obtain database sensitive information...
Dream CMS has multiple vulnerabilities
Dream CMS lmxcms is developed using php language and mysql database, and adopts the mainstream MVC design model. Dream CMS has multiple vulnerabilities that can be exploited by attackers to obtain sensitive database information...
Wordpress XXE Vulnerability
WordPress is a blogging platform developed using the PHP language. Users can set up their own websites on servers that support PHP and MySQL databases, or use WordPress as a content management system CMS. A XXE vulnerability exists in Wordpress versions 5.6 - 5.7. The vulnerability stems from an...
Rgcms 2.0-build2021040501 has a file upload vulnerability
Rgcms is an open source building management system, written in PHP language, the system features free, extended, extremely safe, free and open source. Rgcms 2.0-build2021040501 file upload vulnerability , an attacker can use the vulnerability to obtain control of the server...
The vulnerability of the openssl_encrypt() function in the PHP programming language allows a perpetrator to gain access to confidential data and compromise its integrity.
The vulnerability of the opensslencrypt function in the PHP programming language is related to weak encryption methods. Exploiting this vulnerability allows an attacker to gain access to confidential data and compromise its integrity...
Joomla! cross-site scripting vulnerability (CNVD-2021-15050)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in Joomla! 2.5.0 - 3.9.24. The...
Joomla! path traversal vulnerability (CNVD-2021-16936)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A path traversal vulnerability exists in Joomla! 3.0.0 - 3.9.24. An attacker can...
Joomla! Template Manager Missing Input Validation Vulnerability
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A vulnerability exists in Joomla! 3.2.0 - 3.9.24 where the template manager lacks...