130931 matches found
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23566)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23563)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of parameter m in file /clt/LOGINFRMoriginal.ASP, which can be exploited by an attacker to execute operating system...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23562)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23559)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23556)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23552)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23553)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23551)
AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS v25.03, which originates from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the fi...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23550)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23549)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23548)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23547)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23545)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23544)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of the parameter m in the file /clt/LOGINFRMCAT.ASP, which can be exploited by an attacker to execute operating system...
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23542)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of the parameter m in the file /clt/LOGINFRMBET.ASP, which can be exploited by an attacker to execute operating system...
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23540)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of parameter m in file /clt/LOGINFRMDJO.ASP, which can be exploited by an attacker to execute operating system commands...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23541)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23536)
AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS, which originates from the lack of effective filtering and escaping of user-supplied data by parameter m in file /lib/asp/alert.asp, and can be exploited by an attacke...
WordPress Find Me On plugin SQL Injection Vulnerability
WordPress Find Me On plugin is a downgraded plugin that is mainly used to add social media link portals to your website. WordPress Find Me On plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. The...
WordPress Fintelligence Calculator plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Fintelligence Calculator plugin, which stems from a lack of valid filtering and escaping of the...
AndSoft e-TMS Cross-Site Scripting Vulnerability
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
WordPress Featured Image from URL plugin cross-site scripting vulnerability
WordPress Featured Image from URL plugin is a plugin for solving WordPress website featured image FeaturedImage related problems. The WordPress Featured Image from URL plugin suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of custom...
WordPress FancyTabs plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress FancyTabs plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of the title parameter, which can be exploited b...
WordPress Eulerpool Research Systems plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Eulerpool Research Systems plugin that stems from a lack of valid filtering and escaping of the aaq shortcode, which...
WordPress Epic Bootstrap Buttons plugin cross-site scripting vulnerability
WordPress Epic Bootstrap Buttons plugin is a plugin for quickly adding Bootstrap style buttons to your WordPress website. WordPress Epic Bootstrap Buttons plugin suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of icol parameters, whic...
WordPress Customify plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Customify plugin, which stems from missing or incorrect random number validation in the resetcustomizesection...
WordPress dbview plugin cross-site scripting vulnerability
WordPress dbview plugin is a plugin for database query and display , developed by John Akers. The plugin through AJAX technology to achieve real-time query and dynamic display of database data , support for the direct execution of SQL statements and visual presentation of the results . WordPress...
WordPress Easy Elementor Addons plugin cross-site scripting vulnerability
The WordPress Elementor Addons plugin is a plugin that extends the Elementor page builder functionality and enhances site design capabilities by providing additional widgets and styles. A cross-site scripting vulnerability exists in the WordPress Easy Elementor Addons plugin, which stems from the...
WordPress CTL Behance Importer Lite plugin SQL Injection Vulnerability
WordPress CTL Behance Importer Lite is a plugin for importing work from the Behance platform to a WordPress website, mainly used to help creators quickly migrate their work and optimize their website content management. The WordPress CTL Behance Importer Lite plugin suffers from an SQL injection...
WordPress Custom Searchable Data Entry System plugin missing privileges vulnerability
WordPress Custom Searchable Data Entry System plugin is a plugin for creating a searchable data entry system in your website that allows users to fill in information based on specific criteria and enables data matching queries. The WordPress Custom Searchable Data Entry System plugin suffers from...
WordPress Cost Calculator Builder plugin unauthorized data modification vulnerability
WordPress Cost Calculator Builder plugin is a WordPress plugin for creating price estimation forms that supports quick generation of customized calculators via drag-and-drop form builder that can be embedded in website pages without programming. The WordPress Cost Calculator Builder plugin suffer...
WordPress Constructor plugin permission issue vulnerability
WordPress Constructor plugin is a framework for simplifying plugin development, mainly used to help developers quickly build and manage the plugin's components such as options pages, forms and custom fields. WordPress Constructor plugin suffers from a privilege issue vulnerability that stems from...
WordPress Comment Info Detector plugin cross-site request forgery vulnerability
WordPress Comment Info Detector plugin is a WordPress plugin for displaying commenter browser and operating system information, developed by Kyle Baker. The WordPress Comment Info Detector plugin suffers from a cross-site request forgery vulnerability that stems from the options.php file not...
WordPress Chartify plugin Access Control Error Vulnerability
WordPress Chartify is a plugin for quickly building charts and graphs in your WordPress website, supporting both static and dynamic data visualization, compatible with 22 chart types including line charts, pie charts, bar charts, geographic charts and more. The WordPress Chartify plugin suffers...
WordPress Bei Fen plugin file inclusion vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The ordPress Bei Fen plugin has a file inclusion vulnerability that stems from not doing effective filtering of local file resource calls, which can be exploited by an attacker ...
WordPress Big Post Shipping for WooCommerce plugin cross-site scripting vulnerability
WordPress Big Post Shipping for WooCommerce plugin is a WooCommerce plugin that is mainly used to display real-time shipping quotes and logistics options in WooCommerce websites. The WordPress Big Post Shipping for WooCommerce plugin suffers from a cross-site scripting vulnerability that stems fr...
WordPress Backup Bolt plugin Arbitrary File Download Vulnerability
WordPress Backup Bolt plugin is a backup plugin for WordPress websites, mainly used to automate the backup of website data including files, databases, etc., and support the recovery function. WordPress Backup Bolt plugin has an arbitrary file download vulnerability, which stems from a flaw in the...
WordPress AP Background plugin Arbitrary File Upload Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An arbitrary file upload vulnerability exists in the WordPress AP Background plugin, which stems from a lack of authorization and insufficient file validation in the...
WordPress Any News Ticker plugin cross-site scripting vulnerability
WordPress Any News Ticker plugin is a functional plugin for adding dynamic scrolling news tickers to your website. WordPress Any News Ticker plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of any-ticker, which can...
WordPress AP Background plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress AP Background plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of advparallaxback,...
WordPress All in One Music Player plugin path traversal vulnerability
WordPress All in One Music Player plugin is a plugin with integrated music playback functionality, mainly used for WooCommerce, Dokan, WCFM Marketplace and other multi-platform e-commerce systems. A path traversal vulnerability exists in the WordPress All in One Music Player plugin, which stems...
WordPress Ajax WooSearch plugin SQL Injection Vulnerability
WordPress Ajax WooSearch plugin is a plugin for enhancing the search functionality of your website, mainly used to improve the user experience, supporting real-time search and indexing of multiple content types. WordPress Ajax WooSearch plugin suffers from an SQL injection vulnerability that stem...
WordPress A Simple Multilanguage plugin cross-site scripting vulnerability
WordPress A Simple Multilanguage plugin is a plugin for implementing multilingual functionality on your website. WordPress A Simple Multilanguage plugin suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of asmp-switcher data, which can be...
Tenda AC15 formfast_setting_pppoe_set function buffer overflow vulnerability
The Tenda AC15 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda AC15 formfastsettingpppoeset function, which can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...
TOTOLINK N600R /cgi-bin/cstecgi.cgi file buffer overflow vulnerability
The TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, supporting concurrent operation in the 2.4GHz and 5GHz bands with a maximum wireless transfer rate of 300Mbps. The TOTOLINK N600R suffers from a buffer overflow vulnerability that originates from the...
Online Complaint Site /cms/users/complaint-details.php File SQL Injection Vulnerability
Online Complaint Site is an online complaint site. Online Complaint Site suffers from a SQL injection vulnerability that originates from improperly filtered SQL statements submitted in the /cms/users/complaint-details.php file, which can be exploited by an attacker to obtain sensitive data and mo...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23568)
AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS, which originates from a lack of effective filtering and escaping of user-supplied data in parameter l of the /clt/TRACKREQUEST.ASP file, which can be exploited by an...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23567)
AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter l of /clt/resetPassword.asp, which can be exploited by an attacke...
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23557)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from improper manipulation of parameter m. An attacker can exploit this vulnerability by sending a POST request to execute an operati...
Beauty Parlour Management System search-appointment.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata in file /admin/search-appointment.php. An attacker ca...