78 matches found
EUVD-2006-3876
Malware in sbrugna...
EUVD-2007-1568
Malware in sbrugna...
EUVD-2025-10837
Malicious code in bioql PyPI...
EUVD-2025-10347
Malicious code in bioql PyPI...
EUVD-2025-10838
Malicious code in bioql PyPI...
CVE-2025-2880
The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in t...
CVE-2025-2881
The Developer Toolbar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in th...
CVE-2025-2841
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...
CVE-2025-2841
CVE-2025-2841 affects Cart66 Cloud for WordPress (up to version 2.3.7). It enables unauthenticated access to phpinfo.php, exposing potentially sensitive information. As per Wordfence, this entry is currently Unpatched; no mitigation details are provided in the supplied docs.
PT-2025-16160 · WordPress · Cart66 Cloud
Name of the Vulnerable Software and Affected Versions: Cart66 Cloud plugin for WordPress versions 2.3.7 and earlier Description: The issue allows unauthenticated attackers to view potentially sensitive information contained in an exposed file through the publicly accessible phpinfo.php script...
WordPress plugin Developer Toolbar 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
CVE-2025-2882
The GreenPaytm by Green.Money plugin for WordPress is vulnerable to Sensitive Information Exposure in versions between 3.0.0 and 3.0.9 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in th...
CVE-2025-2883 Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure
The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive...
PT-2025-15384 · WordPress · Greenpay
Name of the Vulnerable Software and Affected Versions: GreenPay plugin for WordPress versions 3.0.0 through 3.0.9 Description: The issue allows unauthenticated attackers to view potentially sensitive information contained in an exposed file through the publicly accessible phpinfo.php script...
CVE-2025-2840
The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information...
CVE-2023-5052
CVE-2023-5052 concerns Uniform Server Zero (v10.2.5) with a cross-site scripting (XSS) flaw in the /us_extra/phpinfo.php page. The vulnerability enables an attacker to craft a query that, when viewed by an authenticated user, can partially hijack session details, as described in the CVE. The CVSS...
Expedia Group Bug Bounty: Sensitive information for phpinfo.php at https://products.ean.com/
Vulnerability description not provided...
Instagram Clone 1.0 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Instagram Clone 1.0 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/justinwilliam Software Link:...
cs.siena.edu Improper Access Control vulnerability
Open Bug Bounty ID: OBB-631767 Description| Value ---|--- Affected Website:| cs.siena.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...
File upload vulnerability in PHPCMS Content Publishing Management function module
PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. There is a file upload vulnerability in the PHPCMS content publishing...