213680 matches found

Prion • added 2023/12/26 7:15 p.m. • 12 views

Design/Logic Flaw

The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files...

CVSS 4 • AI score 6.8 • EPSS 0.00707
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 17 views

Sql injection

The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in...

CVSS 5 • AI score 8 • EPSS 0.02221
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 19 views

Remote code execution

The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution...

CVSS 6.5 • AI score 8.1 • EPSS 0.01096
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 11 views

Sql injection

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

CVSS 6.5 • AI score 7.8 • EPSS 0.00721
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 14 views

Sql injection

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

CVSS 6.5 • AI score 7.8 • EPSS 0.10826
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 32 views

Design/Logic Flaw

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input and lacks proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server...

CVSS 7.5 • AI score 7.3 • EPSS 0.03313
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 22 views

Code injection

The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the backups-dup-lite/tmp directory or the backups-dup-pro/tmp directory in the Pro version, which temporarily stores files containing sensitive data. When directory listing is...

CVSS 5 • AI score 7 • EPSS 0.30894
Exploits 5 • References 2 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 18 views

Code injection

The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ays_quiz_author_user_search AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses...

CVSS 5 • AI score 7.1 • EPSS 0.00565
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 16 views

Design/Logic Flaw

The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag...

CVSS 5 • AI score 7.2 • EPSS 0.00456
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 15 views

Cross site scripting

The JSON Content Importer WordPress plugin before 1.5.4 does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 5.8 • AI score 6.3 • EPSS 0.0042
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 17 views

Code injection

The WP Mail Log WordPress plugin before 1.1.3 does not correctly authorize its REST API endpoints, allowing users with the Contributor role to view and delete data that should only be accessible to Admin users...

CVSS 6.5 • AI score 6.9 • EPSS 0.00499
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 17 views

Cross site scripting

The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...

CVSS 5.8 • AI score 6.5 • EPSS 0.0042
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 14 views

Code injection

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account e.g. subscribers to upload arbitrary files such as PHP on the server...

CVSS 6.5 • AI score 7.3 • EPSS 0.00816
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 7:15 p.m. • 24 views

Cross site scripting

The BSK Forms Blacklist WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...

CVSS 4.3 • AI score 5.8 • EPSS 0.00379
Exploits 2 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 16 views

Stack overflow

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function formGetWeiXinConfig...

CVSS 7.5 • AI score 8.2 • EPSS 0.00701
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 17 views

Command injection

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo...

CVSS 7.5 • AI score 8.2 • EPSS 0.01842
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 11 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

AI score 7.2
Exploits 0
Prion • added 2023/12/26 6:15 p.m. • 9 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

AI score 7.2
Exploits 0
Prion • added 2023/12/26 6:15 p.m. • 17 views

Stack overflow

Tenda W9 V1.0.0.74456CN was discovered to contain a stack overflow via the function formWifiMacFilterSet...

CVSS 7.5 • AI score 8.2 • EPSS 0.00701
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 15 views

Stack overflow

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function R7WebsSecurityHandler...

CVSS 7.5 • AI score 8.2 • EPSS 0.08459
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 21 views

Command injection

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo...

CVSS 7.5 • AI score 8.2 • EPSS 0.01842
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 14 views

Stack overflow

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function fromSetLocalVlanInfo...

CVSS 7.5 • AI score 8.2 • EPSS 0.00843
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 16 views

Stack overflow

Tenda W9 V1.0.0.74456CN was discovered to contain a stack overflow via the function formSetUplinkInfo...

CVSS 7.5 • AI score 8.2 • EPSS 0.00701
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 13 views

Design/Logic Flaw

resumable.php aka PHP backend for resumable.js 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. File overwrite hasn't been possible with the code available in GitHub in recent years, however...

CVSS 5.1 • AI score 7.5 • EPSS 0.00712
Exploits 0 • References 5 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 18 views

Stack overflow

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function upgrade...

CVSS 7.5 • AI score 8.2 • EPSS 0.12913
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 17 views

Stack overflow

Tenda W9 V1.0.0.74456CN was discovered to contain a stack overflow via the function formSetAutoPing...

CVSS 7.5 • AI score 8.2 • EPSS 0.00818
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 21 views

Command injection

Tenda M3 V1.0.0.124856 was discovered to contain a Command Execution vulnerability via the function TendaTelnet...

CVSS 7.5 • AI score 7.9 • EPSS 0.0105
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 6:15 p.m. • 16 views

Command injection

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formexeCommand...

CVSS 7.5 • AI score 8.2 • EPSS 0.01896
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 5:15 p.m. • 12 views

Cross site scripting

A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this...

CVSS 5.8 • AI score 6.4 • EPSS 0.00458
Exploits 0 • References 3 • Affected Software 1
Prion • added 2023/12/26 5:15 p.m. • 15 views

Stack overflow

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function formDelWlRfPolicy...

CVSS 7.5 • AI score 8.2 • EPSS 0.00761
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 17 views

Design/Logic Flaw

A floating point exception divide-by-zero vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image of load-pnm.c line 527...

CVSS 5 • AI score 7.1 • EPSS 0.00922
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 17 views

Design/Logic Flaw

A floating point exception divide-by-zero vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image of load-pnm.c...

CVSS 5 • AI score 7.1 • EPSS 0.00707
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 19 views

Design/Logic Flaw

A floating point exception divide-by-zero vulnerability was discovered in mupdf 1.23.4 in function fz_new_pixmap_from_float_data of pixmap.c...

CVSS 5 • AI score 7.1 • EPSS 0.00922
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 13 views

Design/Logic Flaw

A floating point exception divide-by-zero vulnerability was discovered in mupdf 1.23.4 in function compute_color of jquant2.c...

CVSS 5 • AI score 7.1 • EPSS 0.00707
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 33 views

Code injection

The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code...

CVSS 7.5 • AI score 8.2 • EPSS 0.96001
Exploits 12 • References 7 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 16 views

Design/Logic Flaw

A floating point exception divide-by-zero vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4 of load-bmp.c...

CVSS 5 • AI score 7.1 • EPSS 0.00922
Exploits 1 • References 1 • Affected Software 1
Prion • added 2023/12/26 3:15 p.m. • 15 views

Cross site scripting

A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. It has been declared as problematic. This vulnerability affects the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bws_mn_form_email leads to cross site scripting. The attack can be...

CVSS 5.8 • AI score 6.4 • EPSS 0.00401
Exploits 0 • References 3 • Affected Software 1
Prion • added 2023/12/26 2:15 p.m. • 10 views

Design/Logic Flaw

Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes...

CVSS 5.5 • AI score 6.9 • EPSS 0.00637
Exploits 1 • References 2 • Affected Software 1
Prion • added 2023/12/26 12:15 p.m. • 16 views

Design/Logic Flaw

Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when a user operates a URI call without authorization. The same URI can be operated to realize an SSRF attack, also without authorization. Users are recommended to upgrade to version 18.12.11, which fixes th...

CVSS 5 • AI score 7 • EPSS 0.63373
Exploits 0 • References 6 • Affected Software 1
Prion • added 2023/12/26 10:15 a.m. • 13 views

Cross site request forgery (csrf)

A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 2.06 is able to addres...

CVSS 6.8 • AI score 7.3 • EPSS 0.00352
Exploits 0 • References 3 • Affected Software 1
Prion • added 2023/12/26 9:15 a.m. • 15 views

Design/Logic Flaw

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVSS 4.4 • AI score 6.8 • EPSS 0.00192
Exploits 0 • References 1 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 16 views

Design/Logic Flaw

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access the product's command line interface to execute an arbitrary command...

CVSS 4.3 • AI score 7.5 • EPSS 0.0025
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 13 views

Cross site scripting

Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

CVSS 4.9 • AI score 6.2 • EPSS 0.00303
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 12 views

Cross site scripting

Stored cross-site scripting vulnerability exists in the User Management /admin/users page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

CVSS 4.9 • AI score 6.2 • EPSS 0.00298
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 14 views

Authorization

Improper authorization vulnerability exists in the User Management /admin/users page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend their own account without intending to...

CVSS 4.3 • AI score 7 • EPSS 0.0045
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 16 views

Cross site scripting

Stored cross-site scripting vulnerability exists in the App Settings /admin/app page and the Markdown Settings /admin/markdown page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using...

CVSS 4.9 • AI score 6.2 • EPSS 0.00303
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 17 views

Design/Logic Flaw

VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...

CVSS 4.7 • AI score 7.9 • EPSS 0.00329
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 13 views

Hardcoded credentials

VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...

CVSS 2.1 • AI score 7.3 • EPSS 0.00231
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 17 views

Cross site scripting

Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

CVSS 4.9 • AI score 6.2 • EPSS 0.00355
Exploits 0 • References 2 • Affected Software 1
Prion • added 2023/12/26 8:15 a.m. • 16 views

Cross site scripting

Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

CVSS 4.9 • AI score 6.2 • EPSS 0.0034
Exploits 0 • References 2 • Affected Software 1

Total number of security vulnerabilities: 213680