4145 matches found
WordPress Page Views Count <2.4.15 - SQL Injection
WordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection vulnerability. It does not sanitise and escape the postids parameter before using it in a SQL statement via a REST endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execu...
Lin CMS Spring Boot - Default JWT Token
An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application. id: CVE-2022-32430 info: name: Lin CMS Spring Boot - Default JWT Token author: DhiyaneshDK severity: high description: | An access control issue in Lin CM...
WordPress Cab fare calculator < 1.0.4 - Local File Inclusion
The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues. id: CVE-2022-1391 info: name: WordPress Cab fare calculator 1.0.4 - Local File Inclusion author: Splint3r7...
WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability
WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it. id: CVE-2022-27849 info: name: WordPress Simple Ajax...
WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure
The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request id: CVE-2022-1595 info: name: WordPress HC Custom WP-Admin URL =1.5 to mitigate the vulnerability. reference: -...
Car Rental Management System 1.0 - SQL Injection
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manageuser.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32028...
WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting
WordPress Cookie Information/Free GDPR Consent Solution plugin prior to 2.0.8 contains a cross-site scripting vulnerability via the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...
Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection
Alt-n/MDaemon Security Gateway through 8.5.0 is susceptible to XML injection via SecurityGateway.dll?view=login. An attacker can inject an arbitrary XML argument by adding a new parameter in the HTTP request URL. As a result, the XML parser fails the validation process and discloses information...
Cuppa CMS v1.0 - Cross Site Scripting
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function. id: CVE-2022-38295...
WWBN AVideo 11.6 - Cross-Site Scripting
WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the 'success' parameter, which is inserted into the document with insufficient sanitization. id: CVE-2022-32771 info: name: WWBN AVideo 11.6 - Cross-Site Scripting author: arafatansari severity:...
AirFlow < 2.4.0 - Remote Code Execution
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0. id: CVE-2022-40127 info: name: AirFlow 2.4.0 -...
DotCMS - Arbitrary File Upload
DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server permissions. id: CVE-2022-26352 info: name: DotCMS - Arbitrary File Upload author: h1ei1 severity: critical description: DotCM...
WordPress Stop Bad Bots <6.930 - SQL Injection
WordPress Stop Bad Bots plugin before 6.930 contains a SQL injection vulnerability. The plugin does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbotsgravafingerprint AJAX action, available to unauthenticated users. An attacker can...
WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting
WordPress Shortcodes and extra features plugin for the Phlox theme before 2.9.8 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response. An attacker can inject arbitrary script in the browser of an unsuspecting...
WordPress Simple Link Directory <7.7.2 - SQL injection
WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerability. The plugin does not validate and escape the postid parameter before using it in a SQL statement via the qcopdupvoteaction AJAX action, available to unauthenticated and authenticated users. An attacker can...
Terraboard <2.2.0 - SQL Injection
Terraboard prior to 2.2.0 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-1883 info: name: Terraboard 2.2.0 - SQL Injection author:...
WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting
WordPress Contact Form 7 before 1.3.6.3 contains an unauthenticated stored cross-site scripting vulnerability in the Drag and Drop Multiple File Upload plugin. SVG files can be uploaded by default via the dndcodedropzupload AJAX action. id: CVE-2022-0595 info: name: WordPress Contact Form 7 1.3.6...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleterequest. id: CVE-2022-31976 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...
Cuppa CMS v1.0 - Authenticated Local File Inclusion
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload. id: CVE-2022-37191 info: name: Cuppa CMS v1.0 - Authenticated Local File Inclusion author: theamanrawat...
WP User <= 7.0 - Unauthenticated SQLi
The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. id: CVE-2022-4049 info: name: WP User = 7.0 - Unauthenticated SQLi author: theamanrawat severity: critica...
WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting
WorsPress Spider Calendar plugin through 1.5.65 is susceptible to cross-site scripting. The plugin does not sanitize and escape the callback parameter before outputting it back in the page via the window AJAX action, available to both unauthenticated and authenticated users. An attacker can injec...
Helmet Store Showroom v1.0 - SQL Injection
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access. id: CVE-2022-46071 info: name: Helmet Store Showroom v1.0 - SQL Injection author: Harsh severity: critical description: | There is SQL Injection vulnerability...
WordPress FlatPM <3.0.13 - Cross-Site Scripting
WordPress FlatPM plugin before 3.0.13 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape certain parameters before outputting them back in pages, which can be exploited against high privilege users such as admin. An attacker can steal cookie-based authenticatio...
SINEMA Remote Connect Server < V2.0 - Open Redirect
A vulnerability has been identified in SINEMA Remote Connect Server All versions V2.0. Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks. id: CVE-2022-23102...
WordPress ProfilePress 3.0-3.1.3 - Arbitrary File Upload
A vulnerability in the file uploader component found in the /src/Classes/FileUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates. This issue affects versions 3.0.0 - 3.1.3. id: CVE-2021-3462...
Cachet <=2.3.18 - SQL Injection
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the SearchableTraitscopeSearch. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and...
Slims9 Bulian 9.4.2 - SQL Injection
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...
Forescout CounterACT 6.3.4.1 - Open Redirect
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 'a' parameter. id: CVE-2012-4982 info: name: Forescout CounterACT 6.3.4.1 - Open Redirect...
WordPress Integrator 1.32 - Cross-Site Scripting
A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter to wp-login.php. id: CVE-2012-5913 info: name: WordPress Integrator 1.32 - Cross-Site Scripti...
WebsitePanel before v1.2.2.1 - Open Redirect
Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx id: CVE-2012-4032 info: name: WebsitePanel before v1.2.2.1 - Open Redirect author:...
WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting
A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. id: CVE-2012-4768 info: name: WordPress Plugin Download Monitor 3.3.5.9 - Cross-Site...
WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Stored Cross-Site Scripting via arbitrary URL injection in versions up to and including 6.1 and 1.0 respectively. Authenticated users with author-level permissions can inject arbitrary remote URLs for SVG map files. When a user...
Hue Magic 3.0.0 - Local File Inclusion
Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API. id: CVE-2021-25864 info: name: Hue Magic 3.0.0 - Local File Inclusion author: 0xAkoko severity: high description: Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API. impact: | The LFI...
EyouCMS 1.5.4 Open Redirect
EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function. id: CVE-2021-39501 info: name: EyouCMS 1.5.4 Open Redirect author: 0xAkoko severity: medium description: EyouCMS 1.5.4 is vulnerable to an Open Redirect...
Registrations for the Events Calendar < 2.7.6 - SQL Injection
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape the eventid in the rtecsendunregisterlink AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an unauthenticated SQL injection. id:...
WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues. id: CVE-2021-24435 info: name: WordPress Titan Framework plugin =...
WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting
WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulnerability via the method and share GET parameters of the Giveaway pages, which are not sanitized, validated, or escaped before being output back in the pages. id: CVE-2021-24298 info: name: WordPress Simple...
SolarWinds Serv-U 15.3 - Directory Traversal
SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to installation and server files and also make it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id:...
10Web Photo Gallery < 1.5.55 - SQL Injection
WordPress plugin 10Web Photo Gallery versions before 1.5.55 contains a SQL injection caused by unvalidated input in the 'bwgsearchx' parameter in frontend/models/model.php, letting attackers execute arbitrary SQL commands, exploit requires attacker to control the 'bwgsearchx' parameter. id:...
Odoo Apps - Cross-Site Scripting via Prototype Pollution
jquery-bbq 1.2.1 contains a prototype pollution caused by improperly controlled modification of object prototype attributes, letting malicious users inject properties into Object.prototype, exploit requires malicious user interaction. id: CVE-2021-20086 info: name: Odoo Apps - Cross-Site Scriptin...
Vehicle Service Management System 1.0 - Cross Site Scripting
Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel. id: CVE-2021-46073 info: name: Vehicle Service Management System 1.0 - Cross Site Scripting author: TenBird severity: medium description: | Vehicle Service Management Syst...
Gryphon Tower - Cross-Site Scripting
Gryphon Tower router web interface contains a reflected cross-site scripting vulnerability in the url parameter of the /cgi-bin/luci/siteaccess/ page. An attacker can exploit this issue by tricking a user into following a specially crafted link, granting the attacker JavaScript execution in the...
GiveWP <= 2.9.7 - Cross-Site Scripting
GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress versions before 2.10.0 is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in the admin Donors page. id: CVE-2021-24213 info: name: GiveWP = 2.9.7 - Cross-Site Scripting author: Shivam Kamboj severity: medium...
Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion
Patreon WordPress before version 1.7.0 is vulnerable to unauthenticated local file inclusion that could be abused by anyone visiting the site. Exploitation by an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the...
Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure
Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext. id: CVE-2021-28937 info: name: Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure...
SDT-CW3B1 1.1.0 - OS Command Injection
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. id: CVE-2021-46422 info: name: SDT-CW3B1 1.1.0 - OS Command Injection author: badboycxcc,prajiteshsingh severity: critical description: ...
WordPress Image Hover Ultimate - Unauthenticated Settings Update
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin. id: CVE-2021-36888 info: name: WordPress Image Hover Ultimate - Unauthenticated Settings Update author: riteshs4hu severity:...
WAVLINK AC1200 - Information Disclosure
A vulnerability is in the 'livemfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router. id: CVE-2021-44260 info: name:...
myfactory FMS - Cross-Site Scripting
myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter. id: CVE-2021-42565 info: name: myfactory FMS - Cross-Site Scripting author: madrobot,daffainfo severity: medium description: | myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter. impact: |...
Seo Panel 4.8.0 - Cross-Site Scripting
Seo Panel 4.8.0 contains a reflected cross-site scripting vulnerability via the seo/seopanel/login.php?sec=forgot email parameter. id: CVE-2021-3002 info: name: Seo Panel 4.8.0 - Cross-Site Scripting author: edoardottt severity: medium description: Seo Panel 4.8.0 contains a reflected cross-site...