[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 253351 Download | Alert*

Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type.

The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.

Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.

In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.

Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 153388.

admin\db\DoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php.

admin\db\DoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php.

Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code.

Maccms through 8.0 allows XSS via the site_keywords field to index.php?m=system-config because of tpl/module/system.php and tpl/html/system_config.html, related to template/paody/html/vod_index.html.


Pages:      Start    11006    11007    11008    11009    11010    11011    11012    11013    11014    11015    11016    11017    11018    11019    ..   25335

© SecPod Technologies