4 matches found
EUVD-2021-2362
Malware in sbrugna...
CVE-2022-29414 WordPress Subscribe To Comments Reloaded plugin <= 211130 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
Multiple 13x Cross-Site Request Forgery CSRF vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin mass update settings, manage subscriptions add a new subscription, update subscription, delete Subscription...
Improper access control
Improper access control in Management screen of EC-CUBE 2 series 2.11.2 to 2.17.1 allows a remote authenticated attacker to bypass access restriction and to alter System settings via unspecified vectors...
LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues
Severity: Critical Effect: Compromise of FInancial Data, deletion of audit trails, alteration of system settings, disclosure of confidential information possible in some setups. Affected products: LedgerSMB 1.0.0-1.2.7 , SQL-Ledger 2.x all versions. 1: SQL injection issue in invoice quantity fiel...