CVE-2023-31505

An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file...

Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API

The plugin lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc When the "Enable API for Mobile Apps" settings...

JVN#48413554: WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" vulnerable to cross-site request forgery

WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" provided by realmag777 contains a cross-site request forgery vulnerability CWE-352. Impact If a user with an administrative privilege views a malicious page while logged in, unintended operations may be performed. Solution Update t...

Joomla Extra Search v2.2.8 SQL Injection

No description provided by source...