4143 matches found
Joomla! ProDesk 1.0/1.2 - Local File Inclusion
Joomla! Pro Desk Support Center comprodesk component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the includefile parameter to index.php. id: CVE-2008-6222 info: name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion author: daffainfo severity: medium description:...
WordPress Sniplets 1.1.2 - Local File Inclusion
PHP remote file inclusion vulnerability in modules/syntaxhighlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. id: CVE-2008-1059 info: name: WordPress Sniplets 1.1.2 - Local File Inclusion autho...
WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
WordPress plugin Simpel Reserveren 3.5.2 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress e-search <=1.0 - Cross-Site Scripting
WordPress e-search 1.0 and before contains a reflected cross-site scripting vulnerability via titleaz.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress Tidio Gallery <=1.1 - Cross-Site Scripting
WordPress plugin tidio-gallery v1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
WordPress Page Layout builder v1.9.3 - Cross-Site Scripting
WordPress plugin Page-layout-builder v1.9.3 contains a cross-site scripting vulnerability. id: CVE-2016-1000141 info: name: WordPress Page Layout builder v1.9.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress plugin Page-layout-builder v1.9.3 contains a cross-site...
WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting
WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authenticati...
HPE System Management - Cross-Site Scripting
HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...
SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion
SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. dot dot in the path parameter to /Catalog, aka SAP Security Note 2230978. id: CVE-2016-2389 info: name: SAP xMII...
WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
Fortinet FortiOS < 5.6.0 - Cross-Site Scripting
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken. id: CVE-2017-3132 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddh...
Contact Form by BestWebSoft < 4.0.6 - Cross-Site Scripting
The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. id: CVE-2017-18491 info: name: Contact Form by BestWebSoft 4.0.6 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The contact-form-plugin plugin before 4.0.6 for WordPress has multiple X...
Magmi 0.7.22 - Cross-Site Scripting
Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data prefix passed to the magmi-git-master/magmi/web/ajaxgettime.php URL. id: CVE-2017-7391 info: name: Magmi 0.7.22 - Cross-Site Scripting author: pikpikcu severity: medium description: Mag...
Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal
The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...
LiteSpeed Cache <= 6.5.0.2 - Stored XSS
LiteSpeed Technologies LiteSpeed Cache versions up to 6.5.0.2 contain a stored cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in victim browsers, exploit requires storing malicious input. id: CVE-2024-47374 info...
System Dashboard < 2.8.15 - Admin+ Path Traversal
The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...
Gradio - Server Side Request Forgery
An SSRF Server-Side Request Forgery vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...
LearnPress < 4.2.7.4 - Course Material - Information Disclosure
LearnPress – WordPress LMS Plugin contains a sensitive information exposure caused by insecure handling in class-lp-rest-material-controller.php, letting unauthenticated attackers extract paid course material, exploit requires no authentication. id: CVE-2024-11868 info: name: LearnPress 4.2.7.4 -...
Open Redirect in Login Redirect - MobSF
Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open redirect vulnerability exist in MobSF authentication view. id: CVE-2024-41955 info: name: Open Redirect in Login Redirect - MobSF author: Farish severity: medium...
Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)
It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attacker’s JavaScript code in the context of the victim’s browser. If the Calibre server is running with...
Changedetection.io <= 0.47.4 - Path Traversal
changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files, source-file-///etc/passwd can be used to retrieve local system files, where the more traditional file-///etc/passwd gets blocked. Version 0.47.5 fixes the...
SuiteCRM - SQL Injection
SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue. id: CVE-2024-36412 info: name: SuiteC...
EfroTech Timetrax v8.3 - Sql Injection
EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface. id: CVE-2024-39250 info: name: EfroTech Timetrax v8.3 - Sql Injection author: s4e-io,efran severity: high description: | EfroTech Timetrax v8.3 was...
LatePoint <= 5.0.12 - Authentication Bypass
LatePoint plugin for WordPress versions up to 5.0.12 contains an authentication bypass caused by insufficient verification of user during booking, letting unauthenticated attackers log in as any existing user if they have user ID access, exploit requires access to user ID, and the 'Use WordPress...
GutenKit <= 2.1.0 - Arbitrary File Upload
The GutenKit Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the installandactivatepluginfromexternal function install-active-plugin REST API endpoint in all versions up to, a...
Opti Marketing <= 2.0.9 - SQL Injection
The Opti Marketing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to appe...
Liferay Portal - Open Redirect
HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...
CData Arc < 23.4.8839 - Path Traversal
A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions. id: CVE-2024-31850 info: name: CData Arc 23.4.88...
WPZOOM Social Icons Widget <= 4.2.15 - Missing Authorization
WPZOOM Social Icons Widget & Block versions up to 4.2.15 contain a missing authorization vulnerability caused by insufficient access control in the widget and block, letting attackers perform unauthorized actions, exploit requires no special conditions. id: CVE-2024-30464 info: name: WPZOOM Socia...
MLflow < 2.11.3 - Path Traversal
MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...
Podcast Channels < 0.28 - Cross-Site Scripting
The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. id: CVE-2014-4544 info: name: Podcast Channels 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was...
Lighttpd 1.4.34 SQL Injection and Path Traversal
A SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name related to requestcheckhostname. id: CVE-2014-2323 info: name: Lighttpd 1.4.34 SQL Injection and Path Traversal author: geeknik severity: critical...
Netsweeper 3.0.6 - Open Redirection
An open redirect vulnerability in remotereporter/loadlogfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. id: CVE-2014-9617 info: name: Netsweeper 3.0.6 - Open Redirection author:...
WordPress Plugin WP Content Source Control - Directory Traversal
A directory traversal vulnerability in the filegetcontents function in downloadfiles/download.php in the WP Content Source Control wp-source-control plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the path parameter. id: CVE-2014-5368 inf...
Movies <= 0.6 - Cross-Site Scripting
A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...
WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting
A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter. id: CVE-2013-4625 info: name: WordPress Plugin Duplicator 0.4.5 - Cross-Site Scripting...
WordPress Spreadsheet - Cross-Site Scripting
WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php. id: CVE-2013-6281 info: name: WordPress Spreadsheet - Cross-Site Scripting author: random-robbie severity: medium description: | WordPress Spreadsheet plugin contai...
UC Gateway Investment SiteEngine v5.0 - Open Redirect
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action. id: CVE-2008-7269 info: name: UC Gateway Investment SiteEngine v5.0 - Open...
Devalcms 1.4a - Cross-Site Scripting
Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file. id: CVE-2008-6982 info: name: Devalcms 1.4a - Cross-Site Scripting author: arafatansari severity: medium description: | Devalcms 1.4a contains a cross-site scripting vulnerability in th...
nweb2fax <=0.2.7 - Local File Inclusion
nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the varfilename parameter submitted to viewrq.php. id: CVE-2008-6668 info: name: nweb2fax =0.2.7 - Local File Inclusion author: geeknik severity: medium description: nweb2fax...
WordPress zm-gallery plugin 1.0 SQL Injection
zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter. id: CVE-2016-10940 info: name: WordPress zm-gallery plugin 1.0 SQL Injection author: cckuailong,daffainfo severity: high description: zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection vi...
WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting
Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress WPSOLR <=8.6 - Cross-Site Scripting
WordPress WPSOLR 8.6 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credential...
WordPress S3 Video <=0.983 - Cross-Site Scripting
WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials...
Sony IPELA Engine IP Camera - Hardcoded Account
Multiple SONY network cameras are vulnerable to sensitive information disclosure via hardcoded credentials. id: CVE-2016-7834 info: name: Sony IPELA Engine IP Camera - Hardcoded Account author: af001 severity: high description: | Multiple SONY network cameras are vulnerable to sensitive informati...
WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting
WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
WordPress AJAX Random Post <=2.00 - Cross-Site Scripting
WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting. id: CVE-2016-1000127 info: name: WordPress AJAX Random Post =2.00 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting...
Opsview Monitor Pro - Local File Inclusion
Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch is vulnerable to unauthenticated local file inclusion and can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass. id:...
WordPress Tidio-form <=1.0 - Cross-Site Scripting
WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...