6242 matches found
CVE-2022-28422
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit...
Sql injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit...
Sql injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=posts...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the find= parameter of...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=posts...
CVE-2011-1762
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publishposts' permission...
DEBIAN-CVE-2011-1762
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publishposts' permission...
CVE-2022-23976 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)
Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to reset all data posts / pages / media...
CVE-2022-0914
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages including private and draft into an arbitrary CSV file, which the attacker can then download and retrieve the list of...
CVE-2022-0914
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages including private and draft into an arbitrary CSV file, which the attacker can then download and retrieve the list of...
WordPress Mark Posts plugin跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Mark Posts plugin has a cross-site scripting...
CVE-2022-0958
The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0958
The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Cross site scripting
The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0958 Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting
The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-0958
CVE-2022-0958 affects the WordPress Mark Posts plugin prior to version 2.0.1, where the plugin does not escape new markers, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) when the unfiltered_html capability is disallowed. This is documented across multiple sources (NV...
WordPress plugin Mark Posts 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Mark Posts plugin has a cross-site scripting...
Unrestricted Upload of File with Dangerous Type in WPanel 4
Multiple Remote Code Execution RCE vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to 1 Dashboard's Avatar image, 2 Posts Folder image, 3 Pages Folder image and 4 Gallery Folder image...
CVE-2021-34257
Multiple Remote Code Execution RCE vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to 1 Dashboard's Avatar image, 2 Posts Folder image, 3 Pages Folder image and 4 Gallery Folder image...