122 matches found
Statamic Code Issue Vulnerability
Statamic is a powerful flat-file CMS built on Laravel by Statamic USA. It stores all content, templates, assets and settings in files instead of databases. A security vulnerability exists in Statamic that stems from allowing an attacker to upload a crafted PHP file via the asset upload field...
Qualitor Security Breach
Qualitor is an application. A security vulnerability exists in Qualitor version 8.20 and earlier versions. An attacker can exploit the vulnerability to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter...
A vulnerability in the Royal Elementor Addons and Templates plugin for the WordPress content management system allows an attacker to execute arbitrary code by uploading a specially crafted file.
The vulnerability in the Royal Elementor Addons and Templates plugin for the WordPress content management system is related to the unrestricted upload of files of a dangerous type. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by uploading ...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the username/password...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from the fact that manipulation of the...
Availability Booking Calendar PHP Security Vulnerability
Availability Booking Calendar PHP is an open source availability booking calendar system by GZ Scripts. A security vulnerability exists in Availability Booking Calendar version 5.0, which stems from incorrect validation of password parameter input and vulnerability to incorrect access control...
PHP Security Vulnerability
PHP is a scripting language that executes on the server side. A security vulnerability exists in PHP that stems from a buffer overflow issue, which can be exploited by an attacker to trigger memory corruption and execute arbitrary code on the target system...
SUSE CVE-2009-3292
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."...
PT-2022-8067 · Unknown · Simple Php Link Shortener
Name of the Vulnerable Software and Affected Versions: simple php link shortener (affected versions not specified). Description: A critical issue was found in simple php link shortener, affecting an unknown function of the file index.php. The manipulation of the argument link"id" leads to sql...
Virtual Exim 2 Security Vulnerability
Virtual Exim 2 (Vexim) is an open source, PHP- and SQL-based tool for hosting multiple email domains using Exim. A security vulnerability exists in Virtual Exim 2 in which manipulation of an unknown processing function leads to cross-site scripting...
PHP Buffer Error Vulnerability
PHP is a scripting language that executes on the server side. A buffer error vulnerability exists in versions prior to PHP 8.1.12, which stems from the fact that an attacker can force an invalid memory address to be read via imageloadfont in order to trigger a denial of service or obtain sensitiv...
Online Pet Shop We App Code Issue Vulnerability
Online Pet Shop We App is an online pet store web application by individual developer Carlo Montero. A security vulnerability exists in Online Pet Shop We App v1.0, which originates from an arbitrary file upload vulnerability via the Edit function in the Product Listing module, which allows an...
Wedding Hall Booking System Cross-Site Scripting Vulnerability
Wedding Hall Booking System is a simple PHP wedding hall booking system by the individual developer Carlo Montero. Wedding Hall Booking System suffers from a cross-site scripting vulnerability that stems from the manipulation of the parameter Message by an unknown function in the Contect...
PT-2022-3952 · Unknown · Ossn Open Source Social Network
Name of the Vulnerable Software and Affected Versions: Open Source Social Network version 6.3 LTS. Description: The issue is related to an arbitrary file upload vulnerability in the /ossn/administrator/com installer component. This vulnerability allows attackers to execute arbitrary code via a...
flatCore Cross-Site Scripting Vulnerability
flatCore is a lightweight content management system (CMS) based on PHP and SQLite. A cross-site scripting vulnerability exists in flatCore version 2.0.8, which stems from a lack of checksum filtering of user-supplied and output data in the Create New Page option of the index page. An attacker can...
PHP Security Vulnerability
PHP is a scripting language that is executed server-side. A security vulnerability exists in PHP. No information about this vulnerability is available at this time; please stay tuned to CNNVD or the vendor announcement...
Dairy Farm Shop Management System Hardcoded Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. A hard-coded credentials vulnerability exists in the Dairy Farm Shop Management System, which stems from hard-coded credentials in the code that can be exploited by an attacker to access the control panel...
Pluck Code Issue Vulnerability
Pluck is a content management system (CMS) developed using the PHP language. A code issue vulnerability exists in Pluck CMS version 4.7.16, which stems from a remote shell upload execution vulnerability...
PHP Cross-Site Scripting Vulnerability
PHP is a scripting language that executes on the server side. A cross-site scripting vulnerability exists in PHP OOP 1.0 that allows remote malicious users to perform arbitrary remote code execution by creating user functions...
PHP Security Vulnerability
PHP is a scripting language that executes on the server side. PHP has a security vulnerability that allows an attacker to bypass PHP's access restrictions by using the Xml function null character in order to read or change files...