41 matches found
shadoweb wdja v1.5.1 - Cross-Site Scripting
shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. id: CVE-2020-20982 info: name: shadoweb wdja v1.5.1 - Cross-Site Scripting author:...
EUVD-2020-14416
Malware in sbrugna...
EUVD-2020-14426
Malware in sbrugna...
EUVD-2020-16374
Malware in sbrugna...
EUVD-2021-29167
Malicious code in bioql PyPI...
CVE-2021-42185
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...
CVE-2020-20982
Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...
CVE-2020-23631
Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...
CVE-2020-21658
A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...
CVE-2020-21648
WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...
WDJA SQL Injection Vulnerability
Wdja is a Php-based content management system from the WDJA team. v2.1 of WDJA is vulnerable to SQL injection, which stems from the impact of a SQL injection vulnerability in the front-end search function. An attacker can exploit the vulnerability for SQL injection...
CVE-2021-42185
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...
Sql injection
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...
CVE-2021-42185
CVE-2021-42185 affects the PHP-based CMS WDJA v2.1, with a SQL injection in the foreground search function. The issue is documented across multiple sources (NVD entry notes a SQLi vulnerability in the front-end search; Red Hat and CNVD entries corroborate WDJA v2.1 exposure). CVSS data in the NVD...
CVE-2021-42185
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...
CVE-2020-20982
Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...
CVE-2020-20982
Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...
Cross site scripting
Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...
CVE-2020-20982
CVE-2020-20982 affects shadoweb wdja v1.5.1. The vulnerability is a Cross-Site Scripting (XSS) flaw in the backurl handling of /php/passport/index.php , potentially allowing an attacker to execute arbitrary scripts in the victim’s browser and escalate privileges within the user context. Affected ...
CVE-2020-20982
Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...