
9 matches found

CNNVD
added 2025/05/19 12:0 a.m. · 2 views

appleple a-blog cms path traversal vulnerability

appleple a-blog cms is a content management system from appleple. A path traversal vulnerability exists in appleple a-blog cms versions prior to 3.1.43, which stems from insufficient path validation of the backup function, and could lead to a path traversal attack...

CVSS 7.2 · AI score 8.3 · EPSS 0.00468
Exploits 0 · References 2
Patchstack
added 2024/07/16 2:18 a.m. · 6 views

WordPress WP Event Manager plugin <= 3.1.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'events' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'events' Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Event Manager versions <= 3.1.43...

CVSS 6.4 · AI score 5.8 · EPSS 0.00201
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2024/07/16 12:0 a.m. · 6 views

PT-2024-21575 · WordPress · Wp Event Manager

Name of the Vulnerable Software and Affected Versions: The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress versions up to, and including, 3.1.43 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'events' shortco...

CVSS 6.4 · AI score 5.9 · EPSS 0.00201
Exploits 0 · References 6
CNNVD
added 2024/07/13 12:0 a.m. · 3 views

WordPress plugin Ditty security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 4.7 · AI score 6.1 · EPSS 0.00265
Exploits 1 · References 2
Tenable Nessus
added 2022/12/22 12:0 a.m. · 40 views

Fedora 36 : php-Smarty (2022-52154efd61)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-52154efd61 advisory. 3.1.47 - 2022-09-14 Security - Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks 454 Fixed - Fixed use ...

CVSS 9.8 · AI score 7.5 · EPSS 0.7558
Exploits 3 · References 6
Tenable Nessus
added 2022/03/28 12:0 a.m. · 58 views

Ubuntu 18.04 LTS : Smarty vulnerabilities (USN-5348-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5348-1 advisory. David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this u...

CVSS 9.8 · AI score 7.4 · EPSS 0.7558
Exploits 4 · References 7
OSV
added 2022/01/10 8:15 p.m. · 1 views

DEBIAN-CVE-2021-21408

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch...

CVSS 8.8 · AI score 6.8 · EPSS 0.0047
Exploits 0 · References 1
OSV
added 2022/01/10 8:15 p.m. · 1 views

UBUNTU-CVE-2021-21408

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch...

CVSS 8.8 · AI score 6.6 · EPSS 0.0047
Exploits 0 · References 9
CNNVD
added 2022/01/10 12:0 a.m. · 6 views

Smarty input validation error vulnerability

Smarty is a template engine for PHP that facilitates the separation of representation HTML/CSS from application logic. A security vulnerability exists in Smarty that stems from Smarty is a template engine for PHP that facilitates the separation of representation HTML CSS from applicatio...

CVSS 8.8 · AI score 6.5 · EPSS 0.0047
Exploits 0 · References 15