117 matches found
DRUPAL-CONTRIB-2025-102
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
WordPress AnyWhere Elementor Pro Theme <= 2.29 is vulnerable to Broken Access Control
Software AnyWhere Elementor Pro Type Theme Vulnerable versions = 2.29 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-31046 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 628f90def353 Credits Anhchangmutrang Required...
DRUPAL-CONTRIB-2025-045
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
DRUPAL-CONTRIB-2024-074
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
JSON:API - Critical - Unsupported - SA-CONTRIB-2020-010
This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities. The security team and module maintainers are marking this project unsupported. Both the 8.x-1.x and 8.x-2.x versions are unsupported, and users of either version are...
DRUPAL-CONTRIB-2019-081
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read:...
PilusCart 1.4.1 - Local File Disclosure
Exploit Title: PilusCart = 1.4.1 - Local File Disclosure Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://sourceforge.net/projects/pilus/ Version: = 1.4.1 Tested on: Ubuntu 18.04.1 The e-commerce software 'PilusCart' is not validating the...
ModX Revolution 2.3.5-pl Cross Site Scripting
ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability Security Advisory – Curesec Research Team 1. Introduction Affected Product: ModX Revolution 2.3.5-pl Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Reflected XSS Remote...
Unfixed XSS vulnerability at www.ancyl.org.za
Security researcher 03storic, has submitted on 03/02/2012 a cross-site-scripting XSS vulnerability affecting www.ancyl.org.za, which at the time of submission ranked 1272652 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/02/2012. It is...
Unfixed XSS vulnerability at medienkunstpreis.zkm.de
Security researcher owege, has submitted on 14/02/2012 a cross-site-scripting XSS vulnerability affecting medienkunstpreis.zkm.de, which at the time of submission ranked 340654 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is...
Unfixed XSS vulnerability at www.howzit.co.za
Security researcher Digital Kryptonite, has submitted on 30/12/2011 a cross-site-scripting XSS vulnerability affecting www.howzit.co.za, which at the time of submission ranked 167089 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/12/2011. I...
Unfixed XSS vulnerability at www.marcha.com.mx
Security researcher AR3SW0RMED, has submitted on 27/06/2011 a cross-site-scripting XSS vulnerability affecting www.marcha.com.mx, which at the time of submission ranked 1542465 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011. It is...
Unfixed XSS vulnerability at www.undp.org.ye
Security researcher Ma3sTr0-Dz, has submitted on 22/05/2011 a cross-site-scripting XSS vulnerability affecting www.undp.org.ye, which at the time of submission ranked 7091184 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is...
Unfixed XSS vulnerability at www.ricketybridge.com
Security researcher VirtualSystEm, has submitted on 22/01/2011 a cross-site-scripting XSS vulnerability affecting www.ricketybridge.com, which at the time of submission ranked 2457211 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/11/2011. ...
Unfixed XSS vulnerability at www.jorts.com
Security researcher tenest, has submitted on 22/10/2010 a cross-site-scripting XSS vulnerability affecting www.jorts.com, which at the time of submission ranked 1941465 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is currently...
Unfixed XSS vulnerability at support.amd.com
Security researcher haRI, has submitted on 09/10/2010 a cross-site-scripting XSS vulnerability affecting support.amd.com, which at the time of submission ranked 2286 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/10/2010. It is currently...
Unfixed XSS vulnerability at www.clausetezier-iberica.com
Security researcher nullbyt3, has submitted on 29/08/2010 a cross-site-scripting XSS vulnerability affecting www.clausetezier-iberica.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. It i...
Unfixed XSS vulnerability at www.wingclips.com
Security researcher nullbyt3, has submitted on 17/07/2010 a cross-site-scripting XSS vulnerability affecting www.wingclips.com, which at the time of submission ranked 372738 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...
Unfixed XSS vulnerability at www.hfm-weimar.de
Security researcher Stoik, has submitted on 27/01/2010 a cross-site-scripting XSS vulnerability affecting www.hfm-weimar.de, which at the time of submission ranked 1046421 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is...
Unfixed XSS vulnerability at www.cleartrip.com
Security researcher Sripathi Krishnan, has submitted on 19/01/2010 a cross-site-scripting XSS vulnerability affecting www.cleartrip.com, which at the time of submission ranked 1650 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It ...