4137 matches found
VvvebJs < 1.7.5 - Arbitrary File Upload
Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php. id: CVE-2024-29272 info: name: VvvebJs 1.7.5 - Arbitrary File Upload author: s4e-...
Sidekiq < 7.0.8 - Cross-Site Scripting
An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system. id: CVE-2023-1892 info: name: Sidekiq 7.0.8 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: critical description: | An XSS vulnerability on a Sidekiq admin pan...
D-Link DIR-615 - Unauthorized Access
D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. id: CVE-2021-42627 info: name...
Popup Builder < 4.0.7 - SQL Injection
The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection. id: CVE-2022-0228 info: name: Popup Builder 4.0.7 -...
Geoserver - Server-Side Request Forgery
GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host. id: CVE-2021-40822 info: name: Geoserver - Server-Side Request Forgery author: For3stCo1d,aringo-bf severity: high description: GeoServer through 2.18.5 and 2.19.x throug...
Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal
A directory traversal vulnerability in Cisco Unified Communications Manager CUCM 5.x and 6.x before 6.15SU2, 7.x before 7.15bSU2, and 8.x before 8.03, and Cisco Unified Contact Center Express aka Unified CCX or UCCX and Cisco Unified IP Interactive Voice Response Unified IP-IVR before 6.01SR1ES8,...
SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. id: CVE-2004-0519 info: name: SquirrelMail 1.4.x -...
Joomla! Component DW Graph - Local File Inclusion
A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs comdwgraphs component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-1302 info: name: Joomla! Component DW Grap...
Joomla! Component Online Exam 1.5.0 - Local File Inclusion
A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...
WordPress Plugin WP Content Source Control - Directory Traversal
A directory traversal vulnerability in the filegetcontents function in downloadfiles/download.php in the WP Content Source Control wp-source-control plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the path parameter. id: CVE-2014-5368 inf...
Joomla! Component Percha Image Attach 1.1 - Directory Traversal
A directory traversal vulnerability in the Percha Image Attach comperchaimageattach component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2034 info: name: Joomla...
Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery
Canvas version 2020-07-29 is susceptible to blind server-side request forgery. An attacker can cause Canvas to perform HTTP GET requests to arbitrary domains and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-5775 info: name: Canva...
Zend Server <9.13 - Cross-Site Scripting
Zend Server before version 9.13 is vulnerable to cross-site scripting via the debughost parameter. id: CVE-2018-10230 info: name: Zend Server 9.13 - Cross-Site Scripting author: marcosiaf severity: medium description: | Zend Server before version 9.13 is vulnerable to cross-site scripting via the...
WordPress Tidio-form <=1.0 - Cross-Site Scripting
WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...
Xsuite <=2.4.4.5 - Open Redirect
Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the redirurl parameter. id: CVE-2015-4668 info: name: Xsuite =2.4.4.5 - Open Redirect author: 0xAkoko...
Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content. id: CVE-2022-42095 info: name: Backdrop CMS version 1.23.0 - Cross Site Scripting Stored author: theamanrawat severity: medium description: | Backdrop CMS version 1.23.0 was...
Cuppa CMS v1.0 - Authenticated Local File Inclusion
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload. id: CVE-2022-37191 info: name: Cuppa CMS v1.0 - Authenticated Local File Inclusion author: theamanrawat...
Contao <4.13.3 - Cross-Site Scripting
Contao prior to 4.13.3 contains a cross-site scripting vulnerability. It is possible to inject arbitrary JavaScript code into the canonical tag. id: CVE-2022-24899 info: name: Contao 4.13.3 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Contao prior to 4.13.3 contains...
Chamilo Command Injection
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11. up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. id: CVE-2023-34960 info: name: Chamilo Command Injection author: DhiyaneshDK severity: critical...
ILIAS eLearning <7.16 - Open Redirect
ILIAS eLearning before 7.16 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-45917 info: name: ILIAS eLearning 7.16 - Open Redirect author:...
WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting
WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in...
Roxy-WI - Remote Code Execution
Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the sshcommand function without processing the inputs received from the user in the /app/funct.py file. id: CVE-2022-31126 info: name: Roxy-WI - Remote Code Execution author: ritikchaddha...
Atmail 6.5.0 - Cross-Site Scripting
Atmail 6.5.0 contains a cross-site scripting vulnerability via the index.php/admin/index/ 'error' parameter. id: CVE-2022-30776 info: name: Atmail 6.5.0 - Cross-Site Scripting author: 3th1cyuk1 severity: medium description: | Atmail 6.5.0 contains a cross-site scripting vulnerability via the...
WordPress WP Video Gallery <=1.7.1 - SQL Injection
WordPress WP Video Gallery plugin through 1.7.1 contains a SQL injection vulnerability. The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...
Appspace 6.2.4 - Server-Side Request Forgery
Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. id: CVE-2021-27670 info: name: Appspace 6.2.4 - Server-Side Request Forgery author: ritikchaddha severity: critical description: Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. impact...
IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language parameter. id: CVE-2020-27982 info: name: IceWarp WebMail 11.4.5.0 - Cross-Site Scripting author: madrobot severity: medium description: IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language...
Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. id: CVE-2020-35713 info: name: Belkin Linksys RE6500 1.0.012.001 - Remote Command Execution author: gy741 severity:...
Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery
Onair2 3.9.9.2 and KenthaRadio 2.0.2 have exposed proxy functionality to unauthenticated users. Sending requests to this proxy functionality will have the web server fetch and display the content from any URI, allowing remote file inclusion and server-side request forgery. id: CVE-2021-24472 info...
WordPress Domain Check <1.0.17 - Cross-Site Scripting
WordPress Domain Check plugin before 1.0.17 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the domain parameter before outputting it back in the page. id: CVE-2021-24926 info: name: WordPress Domain Check 1.0.17 - Cross-Site Scripting author: cckuailong...
WordPress wpCentral <1.5.1 - Information Disclosure
WordPress wpCentral plugin before 1.5.1 is susceptible to information disclosure. An attacker can access the connection key for WordPress Admin account and thus potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-9043 info: name: WordPress...
Htaccess by BestWebSoft < 1.7.6 - Cross-Site Scripting
The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. id: CVE-2017-18496 info: name: Htaccess by BestWebSoft 1.7.6 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. impact: |...
Joomla! Component Cookex Agency CKForms - Local File Inclusion
A directory traversal vulnerability in the Cookex Agency CKForms comckforms component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1345 info: name: Joomla! Component Cookex Agency CKForms - Local File...
CirCarLife <4.3 - Improper Authentication
CirCarLife before 4.3 is susceptible to improper authentication. A system software information disclosure exists due to lack of authentication for /html/device-id. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16671 info: name:...
Webgrind <= 1.5 - Local File Inclusion
Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem that the webserver user has access to via an index.php?op=fileviewer&file= URI id: CVE-2018-12909 info: name: Webgrind = 1.5 - Local File Inclusion author: DhiyaneshDk severity: high...
WordPress JH 404 Logger <=1.1 - Cross-Site Scripting
WordPress JH 404 Logger plugin through 1.1 contains a cross-site scripting vulnerability. Referer and path of 404 pages are not properly sanitized when they are output in the WordPress dashboard, which can lead to executing arbitrary JavaScript code. id: CVE-2021-24176 info: name: WordPress JH 40...
OpenCATS - Open Redirect
OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations. id: CVE-2023-27292 info: name:...
ZKTeco BioTime v8.5.5 - Path Traversal
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. id: CVE-2023-38950 info: name: ZKTeco BioTime v8.5.5 - Path Traversal author: iamnoooob,pdresearch severity: high description: | A pa...
LinuxKI Toolset <= 6.01 - Remote Command Execution
LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. id: CVE-2020-7209 info: name: LinuxKI Toolset = 6.01 - Remote Command Execution author: dwisiswant0 severity: critical description: LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. impact: | Successful...
MSNSwitch Firmware MNT.2408 - Authentication Bypass
MSNSwitch Firmware MNT.2408 is susceptible to authentication bypass in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh. An attacker can arbitrarily configure settings, leading to possible remote code execution and subsequent unauthorized operations. id: CVE-2022-32429 info: name:...
SonicWall SRA 4600 VPN - SQL Injection
The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authentication SQL injection vulnerability. id: CVE-2019-7481 info: name: SonicWall SRA 4600 VPN - SQL Injection author: darrenmartyn severity: high description: The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authenticatio...
NETGEAR Routers - Remote Code Execution
NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow...
WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. id: CVE-2024-39646 info: name: WordPress Custom 404 Pro = 3.11.1 - Reflected XSS...
Widget4Call WordPress - Cross-Site Scripting
Widget4Call WordPress plugin = 1.0.7 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13099 info: name:...
Melis Technology Melis Platform - Unrestricted File Upload & Remote Code Execution
Melis Technology Melis Platform contains an unrestricted file upload caused by insufficient validation of 'mcsdetailimg' parameter in /melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm, letting attackers upload malicious files and achieve remote code execution, exploit requires crafted...
Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting
The plugin does not sanitise and escape the wyppagetype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue id: CVE-2021-24934 info: name: Visual CSS Style Editor 7.5.4 - Cross-Site Scripting author: Splint3r7 severity: medium description: | The...
MantisBT < 2.25.2 - Cross-Site Scripting
MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browsersearchplugin.php. The application does not properly sanitize the 'type' parameter, which allows attackers to inject arbitrary web script or HTML via a crafted URL. id: CVE-2022-28508 info: name: MantisBT 2.25.2 -...
WebTitan < 3.60 - Local File Inclusion
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. dot dot in the fname parameter in a view action. id: CVE-2011-4640 info: name: WebTitan 3.60 - Local File Inclusion author: ctflearner severity:...
BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection
A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been classified as critical. This affects an unknown part of the file /xds/deleteStudy.php. The manipulation of the argument documentUniqueId leads to sql injection. It is possible to initiate the attack...
DATAGERRY - REST API Auth Bypass
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests. id: CVE-2024-46627 info: name: DATAGERRY - REST API Auth Bypass author: gy741 severity: critical description: | Incorrect access control in BECN DATAGERRY v2.2 allows attackers...
JobMonster < 4.5.2.9 - Cross-Site Scripting
In the theme JobMonster 4.5.2.9 there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests. id: CVE-2022-1170 info: name: JobMonster 4.5.2.9 - Cross-Site Scripting author: Akincibor,ritikchaddha severity: medium description: | In the theme JobMonste...