38 matches found
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
CVE-2019-25262 elinicksic Razgover Chat Message send.php cross site scripting
A security vulnerability has been detected in elinicksic Razgover up to db37dfc5c82f023a40f2f7834ded6633fb2b5262. This affects an unknown part of the file Chattify/send.php of the component Chat Message Handler. Such manipulation of the argument msg leads to cross site scripting. The attack may b...
Razgover 代码注入漏洞
Razgover is an online messaging application by Eli Nicksic Personal Developer. Razgover suffers from a code injection vulnerability that stems from incorrect manipulation of the parameter msg in the file Chattify/send.php, which could lead to a cross-site scripting attack...
CVE-2023-53872
Wp2Fac 1.0 contains an OS command injection vulnerability in the send.php endpoint that allows remote attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'numara' parameter by appending shell commands with '&' operators to execute malicious code...
CVE-2023-53872 Wp2Fac 1.0 OS Command Injection via send.php Endpoint
Wp2Fac 1.0 contains an OS command injection vulnerability in the send.php endpoint that allows remote attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'numara' parameter by appending shell commands with '&' operators to execute malicious code...
wp2fac 操作系统命令注入漏洞
wp2fac is a CAPTCHA sending module by the individual developer Metin Yeşil. An operating system command injection vulnerability exists in version 1.0 of wp2fac, which stems from the presence of an OS command injection in the send.php endpoint, which could lead to the execution of arbitrary system...
EUVD-2005-3870
Malware in sbrugna...
EUVD-2023-45462
Malicious code in bioql PyPI...
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
Sql injection
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
Sql injection
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php...
CVE-2023-39677
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php...
Information disclosure
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling and other features. A security vulnerability exists in SimpleImportProduct Prestashop Module version v6.2.9,...
CVE-2023-39675
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php...
CVE-2023-39677
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php...
PT-2023-27068 · Prestashop · Updateproducts Prestashop Module +1
Name of the Vulnerable Software and Affected Versions: MyPrestaModules Prestashop Module version 6.2.9 UpdateProducts Prestashop Module version 3.6.9 Description: A PHPInfo information disclosure issue was discovered in the send.php file, allowing potential access to sensitive information...
VulnCheck KEV: CVE-2021-43778
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the front/send.php file...