4136 matches found
RiteCMS 3.0.0 - Cross-site Scripting
RiteCMS v3.0.0 contains a reflected XSS caused by unsanitized input in the mainmenu/editsection component, letting attackers execute arbitrary scripts in the context of the victim's browser. id: CVE-2024-28623 info: name: RiteCMS 3.0.0 - Cross-site Scripting author: 0xAkoko severity: medium...
Zaver - Local File Inclusion
Zaver through 2020-12-15 is vulnerable to local file inclusion via the GET /.. substring. id: CVE-2022-38794 info: name: Zaver - Local File Inclusion author: pikpikcu severity: high description: | Zaver through 2020-12-15 is vulnerable to local file inclusion via the GET /.. substring. impact: |...
WordPress Events Calendar 6.8.2.1 - Information Disclosure
The Events Calendar WordPress plugin 6.8.2.1 contains missing access checks in the REST API, letting unauthenticated users access information about password protected events, exploit requires no authentication. id: CVE-2024-5333 info: name: WordPress Events Calendar 6.8.2.1 - Information Disclosu...
Event Monster <= 1.4.3 - Information Exposure Via Visitors List Export
The Event Monster Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.3 via the Visitors List Export file. During the export, a CSV file is created in the wp-content folder with a hardcoded filename...
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnetform.php script functionality. id: CVE-2021-21799 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...
WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection
WordPress Paytm Payment Gateway plugin through 2.7.3 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-45805 info: name: WordPress Payt...
Joomla! Component Jfeedback 1.2 - Local File Inclusion
A directory traversal vulnerability in the Ternaria Informatica Jfeedback! comjfeedback component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1478 info: name:...
WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting
wp-live-chat-support plugin before 8.0.27 for WordPress contains a reflected cross-site scripting caused by insufficient sanitization in the GDPR page, letting attackers execute arbitrary scripts in the context of the victim's browser, exploit requires victim to visit a malicious page. id:...
MooDating 1.2 - Cross-Site Scripting
A vulnerability was found in mooSocial mooDating 1.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /friends/ajaxinvite of the component URL Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. id:...
OPNsense <=20.1.5 - Open Redirect
OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...
WordPress Transposh Translation <1.0.8 - Cross-Site Scripting
WordPress Transposh Translation plugin before 1.0.8 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in...
Axigen WebMail - Cross-Site Scripting
Axigen WebMail versions 10.5.0-4370c946 and older are vulnerable to reflected XSS via the m parameter in the /index.hsp endpoint. id: CVE-2022-31470 info: name: Axigen WebMail - Cross-Site Scripting author: AmirZargham severity: medium description: | Axigen WebMail versions 10.5.0-4370c946 and...
CandidATS 3.0.0 - Cross-Site Scripting.
CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
Thruk 2.40-2 - Cross-Site Scripting
Thruk 2.40-2 contains a cross-site scripting vulnerability via /thruk/cgi-bin/status.cgi?style=combined&title=TITLE in the host or title parameter. An attacker can inject arbitrary JavaScript into status.cgi, leading to a triggered payload when accessed by an authenticated user. id: CVE-2021-3548...
Custom Admin Page by BestWebSoft < 0.1.2 - Cross-Site Scripting
The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. id: CVE-2017-18493 info: name: Custom Admin Page by BestWebSoft 0.1.2 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The custom-admin-page plugin before 0.1.2 for WordPress has multiple...
WordPress Job Portal < 2.0.6 - SQL Injection
The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter before using it in a SQL statement,leading to a SQL injection vulnerability that is exploitable by unauthenticated users. This vulnerability can be used to extractsensitive data from the database or...
WordPress Church Admin <0.810 - Cross-Site Scripting
WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via index.php/2015/05/21/churchadmin-registration-form/. id: CVE-2015-4127 info: name: WordPress Church Admin 0.810 - Cross-Site Scripting author: daffainfo severity...
Infographic Maker iList < 4.3.8 - SQL Injection
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the postid parameter before using it in a SQL statement via the qcldupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection. id: CVE-2022-0747 info:...
WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting
WordPress Active Products Tables for WooCommerce plugin prior to 1.0.5 contains a cross-site scripting vulnerability.. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action, An attacker can inject arbitrary script in the browser of an...
Joomla! Component webERPcustomer - Local File Inclusion
A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer comweberpcustomer component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1315 info: name: Joomla!...
Aryanic HighMail (High CMS) - Cross-Site Scripting
A cross-site scripting vulnerability in Aryanic HighMail High CMS versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm. id: CVE-2020-23517 info: name: Aryanic HighMail High CMS - Cross-Site Scripting author: geeknik severity: medium...
IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion
IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. id: CVE-2018-10956 info: name: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion author: 0xAkoko severity: high description: | IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. impact: | An...
Adlisting Classified Ads 2.14.0 - Information Disclosure
Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects. id: CVE-2023-4168 info: name: Adlisting Classified Ads 2.14.0 - Information Disclosure autho...
Joomla! Percha Categories Tree 0.6 - Local File Inclusion
A directory traversal vulnerability in the Percha Fields Attach comperchafieldsattach component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2033 info: name:...
WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)
A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter. id: CVE-2011-1669 info: name: WP Custom Pages 0.5.0.1 - Local File Inclusion LFI...
Optergy Proton/Enterprise Building Management System - Open Redirect
Optergy Proton/Enterprise Building Management System contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2019-7275 info: name: Optergy Proton/Enterprise...
Pascom CPS - Local File Inclusion
Pascom packaged with Cloud Phone System CPS versions before 7.20 contain a known local file inclusion vulnerability. id: CVE-2021-45968 info: name: Pascom CPS - Local File Inclusion author: dwisiswant0 severity: high description: | Pascom packaged with Cloud Phone System CPS versions before 7.20...
qdPM 9.1 - Cross-site Scripting
qdPM 9.1 suffers from Cross-site Scripting XSS in the searchkeywords parameter. id: CVE-2019-8390 info: name: qdPM 9.1 - Cross-site Scripting author: theamanrawat severity: medium description: | qdPM 9.1 suffers from Cross-site Scripting XSS in the searchkeywords parameter. impact: | Successful...
Draytek VigorConnect 6.0-B3 - Local File Inclusion
Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. id: CVE-2021-201...
Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
Jellyfin <10.7.0 - Local File Inclusion
Jellyfin before 10.7.0 is vulnerable to local file inclusion. This issue is more prevalent when Windows is used as the host OS. Servers exposed to public Internet are potentially at risk. id: CVE-2021-21402 info: name: Jellyfin 10.7.0 - Local File Inclusion author: dwisiswant0 severity: medium...
WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload
WordPress Backup Guard plugin before 1.6.0 is susceptible to authenticated arbitrary file upload. The plugin does not ensure that imported files are in SGBP format and extension, allowing high-privilege users to upload arbitrary files, including PHP, possibly leading to remote code execution. id:...
WordPress Plugin DukaPress 2.5.2 - Directory Traversal
A directory traversal vulnerability in the dpimgresize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the src parameter to lib/dpimage.php. id: CVE-2014-8799 info: name: WordPress Plugin...
osTicket < 1.12.1 - Cross-Site Scripting
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the...
Riello Netman 204 - SQL Injection
The three endpoints /cgi-bin/dbdatalogw.cgi, /cgi-bin/dbeventlogw.cgi, and /cgi-bin/dbmultimetrw.cgi are vulnerable to SQL injection without prior authentication. This enables an attacker to modify the collected log data in an arbitrary way. id: CVE-2024-8877 info: name: Riello Netman 204 - SQL...
pgAdmin < 6.17 - Unauthenticated Remote Code Execution
pgAdmin prior to 6.17 contains an insecure HTTP API caused by improper access control, letting unauthenticated users execute arbitrary external utilities via path manipulation, exploit requires no authentication. id: CVE-2022-4223 info: name: pgAdmin 6.17 - Unauthenticated Remote Code Execution...
RealTek Jungle SDK - Arbitrary Command Injection
There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system. id: CVE-2021-35395 info: name: RealTek Jungle SDK - Arbitrary Command Injection...
Apache Struts 2.0.0-2.5.25 - Remote Code Execution
Apache Struts 2.0.0 through Struts 2.5.25 is susceptible to remote code execution because forced OGNL evaluation, when evaluated on raw user input in tag attributes, may allow it. id: CVE-2020-17530 info: name: Apache Struts 2.0.0-2.5.25 - Remote Code Execution author: pikpikcu severity: critical...
Apache Struts2 S2-053 - Remote Code Execution
Apache Struts 2.1.x and 2.3.x with the Struts 1 plugin might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. id: CVE-2017-9791 info: name: Apache Struts2 S2-053 - Remote Code Execution author: pikpikcu severity: critical description: | Apache...
TeamCity < 2023.11.4 - Authentication Bypass
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible id: CVE-2024-27199 info: name: TeamCity 2023.11.4 - Authentication Bypass author: DhiyaneshDk severity: high description: | In JetBrains TeamCity before 2023.11.4 path traversal allowing t...
2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting
A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter. id: CVE-2012-4273 info: name: 2 Click Socialmedia Buttons 0.34 - Cross-Site Scripti...
microweber 1.2.18 - Cross-site Scripting
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.18. id: CVE-2022-2174 info: name: microweber 1.2.18 - Cross-site Scripting author: r3Y3r53 severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber...
WordPress JoomSport <5.2.8 - SQL Injection
WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operation...
WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation
WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use the wpcf7rgetnonce AJAX action to retrieve a valid nonce for any WordPress action/function. id: CVE-2021-24278 info: name: WordPress Contact Form 7 2.3.4 - Arbitrary Nonce Generation author: 2rs3c severity: high...
Admidio - Cross-Site Scripting
A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious...
WordPress Asgaros Forum <1.15.13 - SQL Injection
WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...
WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting
WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash. id: CVE-2021-24891 info: name: WordPress Elementor Website Builder 3.1.4 - Cross-Site Scripting author:...
Galera WebTemplate 1.0 Directory Traversal
Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow. id: CVE-2021-40960 info: name: Galera WebTemplate 1.0 Directory Traversal author: daffainfo severity: critical description: Galera WebTemplate 1.0 is affected ...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
Super Socializer < 7.13.52 - Cross-Site Scripting
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-2779 info: name: Super Socializer 7.13.52 - Cross-Site Scripting author: r3Y3r53...