17 matches found
CVE-2025-64196
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS. This issue affects Booster for WooCommerce: from n/a through <= 7.2.5...
EUVD-2018-10631
Malware in sbrugna...
EUVD-2023-58236
Malicious code in bioql PyPI...
WordPress plugin Booster for WooCommerce Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
CVE-2024-36508
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-22 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI allows an authenticated admin user with diagnose...
Fortinet FortiManager Security Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and the ability to group devices into different administrative domains ADOMs to further simplify multi-device security deployme...
Fortinet FortiAnalyzer Format String Error Vulnerability
Fortinet FortiAnalyzer is a centralized network security reporting solution from Fortinet, Inc. The product is mainly used to collect network log data and analyze, report, and archive operations on security events, network traffic, Web content, etc. in the logs through the reporting suite. A...
CVE-2024-37034
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not ensure that credentials are negotiated with the Key-Value KV service using SCRAM-SHA when remote link encryption is configured for Half-Secure...
CVE-2024-1538
The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wpfilemanager page that includes files through the 'lang' parameter. This makes it possible for unauthenticate...
CVE-2023-5966
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution...
EspoCRM Code Issues Vulnerabilities
EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A code issue vulnerability exists in EspoCRM version 7.2.5 that stems from the presence of arbitrary PHP code execution...
WoodMart < 7.2.5 - Reflected XSS
Description: The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now!
Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is "reachable pre-authentication, on every SSL VPN appliance," Lexfo Security...
CVE-2018-8940
ClientServiceConfigController.cs in Enghouse Cloud Contact Center Platform 7.2.5 has functionality for loading external XML files and parsing them, allowing an attacker to upload a malicious XML file and reference it in the URL of the application, forcing the application to load and parse the...
PHP 7.2.x < 7.2.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.5. It is, therefore, affected by multiple vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No...
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...
Kayson Group phpGrid Directory Traversal Vulnerability
Kayson Group phpGrid is a suite of development tools for rapid development of MIS systems from Kayson Group. A directory traversal vulnerability exists in Kayson Group phpGrid versions prior to 7.2.5. A remote attacker can exploit this vulnerability by uploading a specially crafted file with a...