4136 matches found
WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting
WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the galleryid, tag, albumid and themeid GET parameters passed to the bwgfrontenddata AJAX action, available to both unauthenticated and authenticated users. id: CVE-2021-2429...
Download Monitor < 4.4.5 - SQL Injection
The Download Monitor plugin for WordPress is vulnerable to SQL injection via the 'orderby' parameter in versions before 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...
CyberPower < v2.8.3 - SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to . id: CVE-2024-32736 info: name: CyberPower PDNU" tags: cve,cve2024,cyberpower,sqli,vkev,vuln http: - method: GET path: - "BaseURL/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqliteversion;--"...
Accela Civic Platform <=21.1 - Cross-Site Scripting
Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via ssoAdapter/logoutAction.do successURL. id: CVE-2021-34370 info: name: Accela Civic Platform 21.1 that includes proper input validation and sanitization. reference: - https://www.exploit-db.com/exploits/49990 -...
Joomla! Component Percha Image Attach 1.1 - Directory Traversal
A directory traversal vulnerability in the Percha Image Attach comperchaimageattach component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2034 info: name: Joomla...
TP-Link - OS Command Injection
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840NEUV5171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field. id: CVE-2021-41653 info: name: TP-Link - OS Command Injection author: gy741 severity: critical...
WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read
WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an arbitrary file read vulnerability. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-33901 info:...
Pascom CPS Server-Side Request Forgery
Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability. id: CVE-2021-45967 info: name: Pascom CPS Server-Side Request Forgery author: dwisiswant0 severity: critical description: Pascom versions before 7.20 packaged with Cloud Phone...
WAVLINK WN530HG4 - Improper Access Control
WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IPADDRESS/setsafety.shtml?r=52300 and searching for var syspasswd and thereby possibly obtain sensitive information, modify data, and/or execute...
WordPress Plugin WP Content Source Control - Directory Traversal
A directory traversal vulnerability in the filegetcontents function in downloadfiles/download.php in the WP Content Source Control wp-source-control plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the path parameter. id: CVE-2014-5368 inf...
D-Link DIR-615 - Unauthorized Access
D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. id: CVE-2021-42627 info: name...
Geoserver - Server-Side Request Forgery
GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host. id: CVE-2021-40822 info: name: Geoserver - Server-Side Request Forgery author: For3stCo1d,aringo-bf severity: high description: GeoServer through 2.18.5 and 2.19.x throug...
Joomla! Component Arcade Games 1.0 - Local File Inclusion
A directory traversal vulnerability in the Arcade Games comarcadegames component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1714 info: name: Joomla! Component Arcade Games 1.0 - Local File Inclusion autho...
Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal
A directory traversal vulnerability in Cisco Unified Communications Manager CUCM 5.x and 6.x before 6.15SU2, 7.x before 7.15bSU2, and 8.x before 8.03, and Cisco Unified Contact Center Express aka Unified CCX or UCCX and Cisco Unified IP Interactive Voice Response Unified IP-IVR before 6.01SR1ES8,...
LinuxKI Toolset <= 6.01 - Remote Command Execution
LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. id: CVE-2020-7209 info: name: LinuxKI Toolset = 6.01 - Remote Command Execution author: dwisiswant0 severity: critical description: LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. impact: | Successful...
AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion
AVEVA InTouch Access Anywhere Secure Gateway is vulnerable to local file inclusion. id: CVE-2022-23854 info: name: AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion author: For3stCo1d severity: high description: | AVEVA InTouch Access Anywhere Secure Gateway is vulnerable to loc...
ZKTeco BioTime v8.5.5 - Path Traversal
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. id: CVE-2023-38950 info: name: ZKTeco BioTime v8.5.5 - Path Traversal author: iamnoooob,pdresearch severity: high description: | A pa...
MSNSwitch Firmware MNT.2408 - Authentication Bypass
MSNSwitch Firmware MNT.2408 is susceptible to authentication bypass in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh. An attacker can arbitrarily configure settings, leading to possible remote code execution and subsequent unauthorized operations. id: CVE-2022-32429 info: name:...
Agentejo Cockpit <0.12.0 - NoSQL Injection
Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form. id: CVE-2020-35848 info: name: Agentejo Cockpit 0.12.0 - NoSQL Injection author: dwisiswant0 severity: critical...
SonicWall SRA 4600 VPN - SQL Injection
The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authentication SQL injection vulnerability. id: CVE-2019-7481 info: name: SonicWall SRA 4600 VPN - SQL Injection author: darrenmartyn severity: high description: The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authenticatio...
NETGEAR Routers - Remote Code Execution
NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/viewrequest&id=. id: CVE-2022-31982 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to S...
MantisBT < 2.25.2 - Cross-Site Scripting
MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browsersearchplugin.php. The application does not properly sanitize the 'type' parameter, which allows attackers to inject arbitrary web script or HTML via a crafted URL. id: CVE-2022-28508 info: name: MantisBT 2.25.2 -...
WordPress Copyright Proof <=4.16 - Cross-Site-Scripting
WordPress Copyright Proof plugin 4.16 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users when a specific setting is enabled. id: CVE-2022-1906...
External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery
WordPress External Media without Import plugin through 1.1.2 is susceptible to authenticated blind server-side request forgery. The plugin has no authorization and does not ensure that media added via URLs are external media, which can allow any authenticated users, including subscribers, to obta...
Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting
The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. id: CVE-2017-18490 info: name: Contact Form Multi by BestWebSoft 1.2.1 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The contact-form-multi plugin before 1.2.1 for WordPress has multip...
WordPress PhastPress <1.111 - Open Redirect
WordPress PhastPress plugin before 1.111 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-24210 info: name: WordPress PhastPress 1.111 - Open...
Cisco Unified IP Conference Station 7937G - Denial-of-Service
Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned...
Purchase Order Management v1.0 - Cross Site Scripting (Reflected)
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...
GRAND FlAGallery 1.57 - Cross-Site Scripting
A cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter. id: CVE-2011-4624 info: name: GRAND FlAGallery 1.57 - Cross-Site Scripting...
WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting
WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflected cross-site scripting via the URI. id: CVE-2018-11709 info: name: WordPress wpForo Forum = 1.4.11 - Cross-Site Scripting author: daffainfo,s4e-io severity: medium description: WordPress wpForo Forum plugin...
Adobe Experience Manager - XML External Entity Injection
Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2019-8086 info: name: Adobe...
Sidekiq < 7.0.8 - Cross-Site Scripting
An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system. id: CVE-2023-1892 info: name: Sidekiq 7.0.8 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: critical description: | An XSS vulnerability on a Sidekiq admin pan...
WordPress Download Manager < 3.3.07 - Unauthenticated Data Exposure
The WordPress Download Manager plugin before version 3.3.07 does not prevent directory listing on web servers that don't use htaccess, allowing unauthorized access to files stored in the download-manager-files directory. id: CVE-2024-13126 info: name: WordPress Download Manager 3.3.07 -...
Rukovoditel <= 3.2.1 - Cross Site Scripting
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking...
Zoo Management System 1.0 - SQL Injection
Zoo Management System 1.0 contains a SQL injection vulnerability via the username parameter on the login page. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...
WordPress Ad Inserter <2.7.10 - Cross-Site Scripting
WordPress Ad Inserter plugin before 2.7.10 contains a cross-site scripting vulnerability. It does not sanitize and escape the htmlelementselection parameter before outputting it back in the page. id: CVE-2022-0288 info: name: WordPress Ad Inserter 2.7.10 - Cross-Site Scripting author: DhiyaneshDK...
JobMonster < 4.5.2.9 - Cross-Site Scripting
In the theme JobMonster 4.5.2.9 there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests. id: CVE-2022-1170 info: name: JobMonster 4.5.2.9 - Cross-Site Scripting author: Akincibor,ritikchaddha severity: medium description: | In the theme JobMonste...
Joomla! Component com_blog - Directory Traversal
A directory traversal vulnerability in index.php in the MyBlog commyblog component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the task parameter. id: CVE-2010-1540 info: name: Joomla! Component comblog - Directory Traversal author: daffainfo severity:...
WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting
WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...
PHP Jabbers Night Club Booking 1.0 - Cross Site Scripting
A vulnerability was found in PHP Jabbers Night Club Booking Software 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be initiated remotely. The identifier...
PlayTube 3.0.1 - Information Disclosure
A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. id: CVE-2023-4714 info: name: PlayTube 3.0.1 - Informati...
Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting
The plugin does not sanitise and escape the wyppagetype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue id: CVE-2021-24934 info: name: Visual CSS Style Editor 7.5.4 - Cross-Site Scripting author: Splint3r7 severity: medium description: | The...
DomainMOD 4.11.01 - Cross-Site Scripting
DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field. id: CVE-2018-1000856 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 is vulnerable to cross-site scripting via the...
Ametys CMS Information Disclosure
Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml and similar pathnames for other languages via the auto-completion plugin, which contain all characters typed by all users, including the content of...
Microstrategy Web 7 - Local File Inclusion
Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" in the parameter subpage. Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in a pathname used by a web application. NOTE: this i...
OpenCATS 0.9.6 - Cross-Site Scripting
OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch oth...
User Profile Picture < 2.5.0 - Sensitive Information Disclosure
The REST API endpoint getusers in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the uploadfiles capability. This included password hashes, hashed user activation keys, usernames, emails, and other less...
Blog2Social < 7.2.1 - Cross-Site Scripting
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin id: CVE-2023-3936 info: name: Blog2Social 7.2.1 - Cross-Site...
Mlflow <2.3.0 - Local File Inclusion
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2356 info: name: Mlflow 2.3.0 - Local File Inclusion author: Co5mos severity: high description: | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. impact: | Successful exploitation...