[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 251453 Download | Alert*

The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF.

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.

The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF.

The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging.

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none

The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.

The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.

In the MobileFrontend extension for MediaWiki, XSS exists within the edit summary field of the watchlist feed. This affects REL1_31, REL1_32, and REL1_33.

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file.


Pages:      Start    9328    9329    9330    9331    9332    9333    9334    9335    9336    9337    9338    9339    9340    9341    ..   25145

© SecPod Technologies