CVE-2023-0421

The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an admin panel, allowing unauthenticated attackers to trick a logged in admin to trigger a XSS payload by clicking a link...

74CMS SQL Injection Vulnerability (CNVD-2021-43380)

74CMS is a recruitment system developed by Taiyuan Xunyi Technology Co., Ltd. based on ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the query parameter of plus/ajaxcommon.php...