CVE-2025-10058 WP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Authenticated (Subscriber+) Arbitrary File Deletion

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the uploadfunction function in all versions up to, and including, 7.27. This makes it possible for authenticated attackers, with...

ILIAS < 7.27 SQLi Vulnerability

ILIAS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ilias:ilias"; if descripti...

Ambit Technologies iTech Classifieds Script SQL注入漏洞

Ambit Technologies iTech Classifieds Script is a popular and cost-effective solution from Ambit Technologies India for launching your classified ads website. Ambit Technologies iTech Classifieds Script version 7.27 suffers from a SQL injection vulnerability that stems from the presence of an...

AVM FRITZ!Box Multiple Wi-Fi Vulnerabilities (FragAttacks)

AVM FRITZ!Box devices are prone to multiple Wi-Fi vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:avm:fritz%21os...

Itech Classifieds Script 7.27 - SQL Injection

Itech Classifieds Script 7.27 - SQL Injection Exploit Title: Itech Classifieds Script v7.27 - 'pid' Parameter SQL Injection Google Dork: N/A Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Buy: http://itechscripts.com/classifieds-script/ Demo:...