2426 matches found
CVE-2022-44276
In Responsive Filemanager 9.12.0, an attacker can bypass upload restrictions resulting in RCE...
CVE-2023-2482
The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin...
SQL injection
The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin...
CVE-2023-2482
The CVE-2023-2482 entry concerns the Responsive CSS EDITOR WordPress plugin (
CVE-2023-2482 Responsive CSS EDITOR <= 1.0 - Admin+ SQLi
The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin...
WordPress plugin Responsive CSS EDITOR SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager
CVE-2022-44276-PoC PoC for Responsive Filemanager 9.12.0...
CVE-2023-0368
The Responsive Tabs For WPBakery Page Builder formerly Visual Composer WordPress plugin through 1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to...
CVE-2023-0368 Responsive Tabs For WPBakery Page Builder <= 1.1 - Contributor+ Stored XSS
The Responsive Tabs For WPBakery Page Builder formerly Visual Composer WordPress plugin through 1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to...
PT-2023-16218 · WordPress · The Responsive Tabs For Wpbakery Page Builder
Name of the Vulnerable Software and Affected Versions: The Responsive Tabs For WPBakery Page Builder formerly Visual Composer WordPress plugin version 1.1 and earlier Description: The issue concerns the failure to validate and escape certain shortcode attributes, which could allow users with the...
Improper access control
A vulnerability was found in Ruijie RG-EW1200G EW3.01B11P204. It has been declared as critical. This vulnerability affects unknown code of the file app.09df2a9e44ab48766f5f.js of the component Admin Password Handler. The manipulation leads to improper access controls. The attack can be initiated...
CVE-2023-3232
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/appauth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used...
Cross-site scripting
The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2023-2184
The CVE-2023-2184 issue affects WP Responsive Tabs horizontal vertical and accordion Tabs for WordPress. Affected versions up to 1.1.15 are vulnerable to Reflected Cross-Site Scripting via the search_term parameter due to insufficient input sanitization and output escaping. Exploitation is possib...
WordPress Plugin Responsive Tabs horizontal vertical and accordion Tabs cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
EulerOS Virtualization 2.11.0 : unbound (EulerOS-SA-2023-2094)
According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving...
EulerOS Virtualization 2.11.1 : unbound (EulerOS-SA-2023-2042)
According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving...
CVE-2023-3098 KylinSoft youker-assistant restore_all_sound_file path traversal
A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
WordPress Responsive CSS EDITOR Plugin <= 1.0 is vulnerable to SQL Injection
Software: Responsive CSS EDITOR; Type: Plugin; Vulnerable versions: <= 1.0; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-2482; Patch priority: Low; CVSS severity: Low 7.6; Developer: Claim ownership; PSID: 0ef0cb588232; Credits: Chien Vuong; Required privilege: Administrator...