Joomla! Component GMapFP 3.5 - Arbitrary File Upload

Joomla! Component GMapFP 3.5 is vulnerable to arbitrary file upload vulnerabilities. An attacker can access the upload function of the application without authentication and can upload files because of unrestricted file upload which can be bypassed by changing Content-Type & name file too double...

Citrix XenMobile Server - Local File Inclusion

Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities. reference: -...

W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal

WordPress plugin W3 Total Cache before version 0.9.4 allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data via pub/sns.php. id: CVE-2019-6715 info: name: W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal autho...

Node.js <8.6.0 - Directory Traversal

Node.js before 8.6.0 allows remote attackers to access unintended files because a change to ".." handling is incompatible with the pathname validation used by unspecified community modules. id: CVE-2017-14849 info: name: Node.js 8.6.0 - Directory Traversal author: RandomRobbie severity: high...

Citrix ADC/Gateway - Cross-Site Scripting

Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 contain a cross-site scripting vulnerability due to improper input validation. id: CVE-2020-8191 info: name: Citrix...

Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection

Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30,...

Knowage Suite 7.3 - Cross-Site Scripting

Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...

Clansphere CMS 2011.4 - Cross-Site Scripting

Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the "language" parameter. id: CVE-2021-27310 info: name: Clansphere CMS 2011.4 - Cross-Site Scripting author: alph4byt3 severity: medium description: Clansphere CMS 2011.4 contains an unauthenticate...

Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery

Canvas version 2020-07-29 is susceptible to blind server-side request forgery. An attacker can cause Canvas to perform HTTP GET requests to arbitrary domains and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-5775 info: name: Canva...

phpPgAdmin <=4.2.1 - Local File Inclusion

phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. dot dot in the language parameter to index.php. id: CVE-2008-5587 info: name: phpPgAdmin =4.2.1 - Local File Inclusion author:...

Opensis-Classic 8.0 - Cross-Site Scripting

Opensis-Classic Version 8.0 is affected by cross-site scripting. An unauthenticated user can inject and execute JavaScript code through the linkurl parameter in Ajaxurlencode.php. id: CVE-2021-40542 info: name: Opensis-Classic 8.0 - Cross-Site Scripting author: alph4byt3 severity: medium...

Wordpress Zedna eBook download <1.2 - Local File Inclusion

Wordpress Zedna eBook download prior to version 1.2 was affected by a filedownload.php local file inclusion vulnerability. id: CVE-2016-10924 info: name: Wordpress Zedna eBook download 1.2 - Local File Inclusion author: idealphase severity: high description: | Wordpress Zedna eBook download prior...

shadoweb wdja v1.5.1 - Cross-Site Scripting

shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. id: CVE-2020-20982 info: name: shadoweb wdja v1.5.1 - Cross-Site Scripting author:...

WordPress Slider Revolution - Local File Disclosure

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734. id:...

Apache ShenYu Admin JWT - Authentication Bypass

Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. id: CVE-2021-37580 info: name: Apache ShenYu Admin JWT - Authentication Bypass author: pdteam severity: critical descriptio...

Allied Telesis AT-GS950/8 - Local File Inclusion

Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 is susceptible to local file inclusion via its web interface. id: CVE-2019-18922 info: name: Allied Telesis AT-GS950/8 - Local File Inclusion author: 0xAkoko severity: high description: | Allied Telesis AT-GS950/8 until Firmware AT-S107...

SquirrelMail 1.4.x - Folder Name Cross-Site Scripting

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. id: CVE-2004-0519 info: name: SquirrelMail 1.4.x -...

HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass

HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22 contains an authentication bypass vulnerability which could be remotely exploited to bypass remote authentication and possibly lead to execution of arbitrary commands, gaining...

Eclipse Jetty ConcatServlet - Information Disclosure

Eclipse Jetty through 9.4.40, through 10.0.2, and through 11.0.2 is susceptible to information disclosure. Requests to the ConcatServlet with a doubly encoded path can access protected resources within the WEB-INF directory, thus enabling an attacker to potentially obtain sensitive information,...

Spring Boot Actuator Logview Directory Traversal

spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability in libraries that adds a simple logfile viewer as a spring boot actuator endpoint maven package "eu.hinsch:spring-boot-actuator-logview". id: CVE-2021-21234 info: name: Spring Boot Actuator Logview...

Microstrategy Web 7 - Cross-Site Scripting

Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter. id: CVE-2018-18775 info: name: Microstrategy Web 7 - Cross-Site Scripting author: 0xAkoko severity: medium description: Microstrategy Web 7 does not...

Joomla! JCK Editor SQL Injection

The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter. id: CVE-2018-17254 info: name: Joomla! JCK Editor SQL Injection author: SumanKar severity: critical description: The JCK Editor component 6.4.4 for Joomla! allows SQL Injection vi...

CirCarLife <4.3 - Improper Authentication

CirCarLife before 4.3 is susceptible to improper authentication. An internal installation path disclosure exists due to the lack of authentication for /html/repository.System. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16668 inf...

Rubedo CMS <=3.4.0 - Directory Traversal

Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI. id: CVE-2018-16836 info: name:...

Oracle Business Intelligence Publisher - XML External Entity Injection

Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publishe...

Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection

Teclib GLPI = 9.3.3 exposes a script /scripts/unlocktasks.php that incorrectly sanitizes user controlled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. id: CVE-2019-10232 info: name:...

Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection

The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can...

ClinicCases 7.3.3 Cross-Site Scripting

ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft. id: CVE-2021-38704 info: name:...

myfactory FMS - Cross-Site Scripting

myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. id: CVE-2021-42566 info: name: myfactory FMS - Cross-Site Scripting author: madrobot,daffainfo severity: medium description: | myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. impact...

DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery

DotNetNuke aka DNN before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources. id: CVE-2017-0929 info: name: DotNetNuke DNN ImageHandler 9.2.0 - Server-Side Request Forgery author...

BigAnt Server v5.6.06 - Local File Inclusion

BigAnt Server v5.6.06 is vulnerable to local file inclusion. id: CVE-2022-23347 info: name: BigAnt Server v5.6.06 - Local File Inclusion author: 0xAkoko severity: high description: BigAnt Server v5.6.06 is vulnerable to local file inclusion. impact: | Successful exploitation of this vulnerability...

WordPress Super Socializer <7.13.30 - Cross-Site Scripting

WordPress Super Socializer plugin before 7.13.30 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the urls parameter in its thechampsharingcount AJAX action available to both unauthenticated and authenticated users before outputting it back in the response...

Sony IPELA Engine IP Camera - Hardcoded Account

Multiple SONY network cameras are vulnerable to sensitive information disclosure via hardcoded credentials. id: CVE-2016-7834 info: name: Sony IPELA Engine IP Camera - Hardcoded Account author: af001 severity: high description: | Multiple SONY network cameras are vulnerable to sensitive informati...

Reprise License Manager 14.2 - Information Disclosure

Reprise License Manager 14.2 is susceptible to information disclosure via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostnames, system architecture and file/directory...

Reprise License Manager 14.2 - Cross-Site Scripting

Reprise License Manager 14.2 contains a reflected cross-site scripting vulnerability in the /goform/loginprocess 'username' parameter via GET, whereby no authentication is required. id: CVE-2022-28363 info: name: Reprise License Manager 14.2 - Cross-Site Scripting author: Akincibor severity: medi...

Bonita BPM Portal <6.5.3 - Local File Inclusion

Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource. id: CVE-2015-3897 info: name: Bonita BPM Portal 6.5.3 - Local File Inclusion author: 0xAkoko severity:...

Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion

Oracle GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to unauthenticated local file inclusion vulnerabilities that allow remote attackers to request arbitrary files on the server. id: CVE-2017-1000029 info: name: Oracle GlassFish Server Open Source Edition 3.0.1 - Local File...

LionWiki <3.2.12 - Local File Inclusion

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion. id: CVE-2020-27191 info: name: LionWiki 3.2.12 - Local File Inclusion author: 0xAkoko severity: high description: LionWiki before...

ImpressCMS <1.4.3 - Incorrect Authorization

ImpressCMS before 1.4.3 is susceptible to incorrect authorization via include/findusers.php. An attacker can provide a security token and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-26598 info: name: ImpressCMS 1.4.3 - Incorrect...

Gogs <0.12.5 - Server-Side Request Forgery

Gogs GitHub repository before 0.12.5 is susceptible to server-side request forgery. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-0870 info: name: Gogs 0.12.5 - Server-Sid...

Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting

ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks. id: CVE-2021-46387 info: name: Zyxel ZyWALL 2...

WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting

The plugin is affected by a cross-site scripting vulnerability within the "visibility" parameter. id: CVE-2021-25055 info: name: WordPress FeedWordPress 2022.0123 - Authenticated Cross-Site Scripting author: DhiyaneshDK severity: medium description: | The plugin is affected by a cross-site...

WordPress WHMCS Bridge <6.4b - Cross-Site Scripting

WordPress WHMCS Bridge plugin before 6.4b contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the error parameter before outputting it back in the admin dashboard. id: CVE-2021-25112 info: name: WordPress WHMCS Bridge 6.4b - Cross-Site Scripting author:...

WordPress Sitemap by click5 <1.0.36 - Missing Authorization

WordPress Sitemap by click5 plugin before 1.0.36 is susceptible to missing authorization. The plugin does not have authorization or CSRF checks when updating options via a REST endpoint and does not ensure that the option to be updated belongs to the plugin. An attacker can possibly obtain...

Jfrog Artifactory <6.17.0 - Default Admin Password

Jfrog Artifactory prior to 6.17.0 uses default passwords such as "password" for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. id: CVE-2019-17444 info: name: Jfrog Artifactory...

DokuWiki - Cross-Site Scripting

DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATEAT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

Joomla! ChronoForums 2.0.11 - Local File Inclusion

Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials. id: CVE-2021-28377 info: name: Joomla!...

WordPress Admin Word Count Column 2.2 - Local File Inclusion

The plugin does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique. id:...

SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting

SAP Knowledge Warehouse 7.30, 7.31, 7.40, and 7.50 contain a reflected cross-site scripting vulnerability via the usage of one SAP KW component within a web browser. id: CVE-2021-42063 info: name: SAP Knowledge Warehouse =7.5.1 to mitigate the XSS vulnerability. reference: -...

openSIS Student Information System 8.0 SQL Injection

openSIS Student Information System version 8.0 is susceptible to SQL injection via the studentid and TRANSFERSCHOOL parameters in POST request sent to /TransferredOutModal.php. id: CVE-2021-41691 info: name: openSIS Student Information System 8.0 SQL Injection author: Bartu Utku SARP severity: hi...