4137 matches found
WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
WordPress Admin Font Editor plugin indexisto 1.8 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
Yaws 1.91 - Local File Inclusion
Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080. id: CVE-2017-10974 info: name: Yaws 1.91 - Local File Inclusion author: 0xAkoko severity: high description: Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080. impact: |...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
microweber 1.2.18 - Cross-site Scripting
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.18. id: CVE-2022-2174 info: name: microweber 1.2.18 - Cross-site Scripting author: r3Y3r53 severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber...
Super Socializer < 7.13.52 - Cross-Site Scripting
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-2779 info: name: Super Socializer 7.13.52 - Cross-Site Scripting author: r3Y3r53...
Wavlink - Improper Access Control
Wavlink WL-WN530H4 M30H4.V5030.210121 is susceptible to improper access control in the component /cgi-bin/ExportLogs.sh. An attacker can download configuration data and log files, obtain admin credentials, and potentially execute unauthorized operations. id: CVE-2022-48165 info: name: Wavlink -...
Simple File List < 4.4.12 - Cross Site Scripting
The plugin does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting id: CVE-2022-3062 info: name: Simple File List 4.4.12 - Cross Site Scripting author: r3Y3r53 severity: medium description: | The plugin does not escape parameters before...
Elementor Website Builder - Remote Code Execution
The Elementor Website Builder plugin for WordPress versions 3.6.0 to 3.6.2 are vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the /core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and upload...
Agentejo Cockpit <0.12.0 - NoSQL Injection
Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form. id: CVE-2020-35848 info: name: Agentejo Cockpit 0.12.0 - NoSQL Injection author: dwisiswant0 severity: critical...
Good Layers LMS Plugin <= 2.1.4 - SQL Injection
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin = 2.1.4 exists due to the usage of "wpajaxnopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlrlmscancelbooking" where POST Parameter "id" was sent straight into SQL query witho...
WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting
WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash. id: CVE-2021-24891 info: name: WordPress Elementor Website Builder 3.1.4 - Cross-Site Scripting author:...
WAVLINK WN533A8 - Improper Access Control
WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser; and thereby possibly obtain sensitive information, modify data, and/or execute...
WordPress WHIZZ <=1.0.7 - Cross-Site Scripting
WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
Western Digital MyCloud NAS - Command Injection
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data. id: CVE-2016-10108 info: name: Western Digital MyCloud NAS - Command Injection author: DhiyaneshDk severity: critical...
Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php. id:...
2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting
A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter. id: CVE-2012-4273 info: name: 2 Click Socialmedia Buttons 0.34 - Cross-Site Scripti...
Forescout CounterACT 6.3.4.1 - Open Redirect
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 'a' parameter. id: CVE-2012-4982 info: name: Forescout CounterACT 6.3.4.1 - Open Redirect...
NexusPHP <1.7.33 - Cross-Site Scripting
NexusPHP before 1.7.33 contains multiple cross-site scripting vulnerabilities via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q parameter in myhr.php; or id parameter in /viewrequests.php. An attacker can...
eMerge E3 1.00-06 - Local File Inclusion
Linear eMerge E3-Series devices are vulnerable to local file inclusion. id: CVE-2019-7254 info: name: eMerge E3 1.00-06 - Local File Inclusion author: 0xAkoko severity: high description: Linear eMerge E3-Series devices are vulnerable to local file inclusion. impact: | Successful exploitation of...
WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...
TBK DVR4104/DVR4216 Devices - Authentication Bypass
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin"...
WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation
WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use the wpcf7rgetnonce AJAX action to retrieve a valid nonce for any WordPress action/function. id: CVE-2021-24278 info: name: WordPress Contact Form 7 2.3.4 - Arbitrary Nonce Generation author: 2rs3c severity: high...
WordPress Realteo <=1.2.3 - Cross-Site Scripting
WordPress Realteo plugin 1.2.3 and prior contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of keywordsearch, searchradius. bedrooms and bathrooms GET parameters before outputting them in its properties page. id: CVE-2021-24237 info: name:...
Aruba Instant Access Point (IAP) - Cross-Site Scripting
A remote cross-site scripting xss vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below;...
ILIAS eLearning <7.16 - Open Redirect
ILIAS eLearning before 7.16 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-45917 info: name: ILIAS eLearning 7.16 - Open Redirect author:...
Aptana Jaxer 1.0.3.4547 - Local File inclusion
Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI. id: CVE-2019-14312 info: name: Aptana Jaxer 1.0.3.4547 - Local File inclusion author: daffainfo...
Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write
File read and write vulnerability in Apache DolphinScheduler, authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler from 3.1.0 before 3.2.2. id: CVE-2024-30188 info: name: Apache DolphinScheduler = 3.1.0, 3.2.2 Resource File Read And Write...
Apache Solr - Deserialization of Untrusted Data
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. id:...
Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery
The Atlassian Jira IconUriServlet of the OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 contains a cross-site scripting vulnerability which allows remote attackers to access the content of internal network resources and/or perform an attack via...
VMware vRealize Log Insight - Path Traversal
he vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. id: CVE-2022-31706 info: name: VMware vRealize Log Insight - Path Traversal...
OctoberCMS - Account Takeover
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5. id:...
WordPress Gerencianet Oficial <= 3.1.3 - Unauthenticated Order Status Disclosure
Efà Bank Gerencianet Oficial = 3.1.3 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve embedded sensitive data, exploit requires crafted requests. id: CVE-2025-59136 info: name: WordPress...
WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting
WordPress Goto Tour & Travel theme before 2.0 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize the keywords and startdate GET parameters on its Tour List page. id: CVE-2021-24235 info: name: WordPress Goto Tour & Travel Theme =2.0 to mitigate the XSS...
WordPress Shareaholic <9.7.6 - Information Disclosure
WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The plugin does not have proper authorization check in one of the AJAX actions, available to both unauthenticated before 9.7.5 and authenticated in 9.7.5 users, allowing them to possibly obtain sensitive...
My Geo Posts Free <= 1.2 - PHP Object Injection
The My Geo Posts Free plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.2 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If ...
PrestaShop fieldpopupnewsletter Module - Cross Site Scripting
Fieldpopupnewsletter Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the callback parameter at ajax.php. id: CVE-2023-39676 info: name: PrestaShop fieldpopupnewsletter Module - Cross Site Scripting author: meme-lord severity: medium...
Prestashop posstaticfooter <= 1.0.0 - SQL Injection
Prestashop posstaticfooter = 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook. id: CVE-2023-30194 info: name: Prestashop posstaticfooter = 1.0.0 - SQL Injection author: daffainfo severity: critical description: | Prestashop posstaticfooter = 1.0.0 is vulnerable to SQL...
Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above. id: CVE-2026-39352 info: name: Frappe Framework 16.15.0 - Arbitrary File...
WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting
WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in...
Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload
Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...
Ghost CMS - User Enumeration
Ghost CMS 5.9.4 contains a user enumeration vulnerability in the login functionality. The application reveals whether a user account exists through different error messages, allowing attackers to enumerate valid user accounts via specially-crafted HTTP requests. id: CVE-2022-41697 info: name: Gho...
ifw8 Router ROM v4.31 - Credential Discovery
ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code. id: CVE-2019-16313 info: name: ifw8 Router ROM v4.31 - Credential Discovery author: pikpikcu severity: high description: ifw8 Router ROM v4.31 is vulnerable to credential disclosure via...
OsTicket < 1.14.3 - Server Side Request Forgery
SSRF vulnerability exists in osTicket before 1.14.3, allowing an attacker to add malicious files to the server or perform port scanning. id: CVE-2020-24881 info: name: OsTicket 1.14.3 - Server Side Request Forgery author: hnd3884 severity: critical description: | SSRF vulnerability exists in...
Netis Wifi Router - Information Disclosure
An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a...
WordPress Themify Builder < 7.5.8 - Open Redirect
The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...
Oracle Retail Xstore Suite - Pre-authenticated Path Traversal
Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications component: Security. Supported versions that are affected are 19.0.5, 20.0.3, 20.0.4, 22.0.0 and 23.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
EyouCms v1.6.2 - Cross-Site Scripting
EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /admin/twitter.php?activet. id: CVE-2023-41597 info: name: EyouCms v1.6.2 - Cross-Site Scripting author: ritikchaddha severity: medium description: | EyouCms v1.6.2 was discovered to...
NocoDB version <= 0.106.1 - Arbitrary File Read
NocoDB through 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, includi...
Jira Rainbow.Zen - Cross-Site Scripting
Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter. id: CVE-2007-0885 info: name: Jira Rainbow.Zen - Cross-Site Scripting author: geeknik severity: medium...