Advisories archive Searching 24682 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24682 results found, please narrow your search...Joomla GMapFP 3.30 Arbitrary File UploadImpressCMS 1.3.11 - Why you should not trust PHP_SELFWordPress Wmyx2.0 Themes 2.0 Open RedirectionWordPress ProStore Themes 1.1.2 Open RedirectionWordPress Eurielle Themes 0.1.0 Open RedirectionWordPress FxInfinityTheme Themes 2.2.1 Open Redirection Remote File InclusionWordPress Upward Themes 1.5 Open RedirectionJoomla! com_hdwplayer 4.2 search.php SQL InjectionWordPress Grimag Themes 1.2.5 Open RedirectionWordpress Plugin PicUploader 1.0 - Remote File UploadrConfig 3.9.4 search.crud.php Remote Command InjectionWordPress Aviary Image Editor Add-On For Gravity Forms Plugins 3.0 Beta R7 CSRF Shell Upload VulnerabilityWordPress WPTouch Switch Desktop 3.x Open RedirectionWordPress Event Themes 1.4 CSRF Shell Upload VulnerabilityWordPress HillReproGraphics Themes 2.0.1 CSRF Shell Upload VulnerabilityWordPress LM17 LottoMaticaItalia Themes 1.0 CSRF Shell Upload VulnerabilityWordPress DailyDeal Themes 3.0 CSRF Shell Upload VulnerabilityWordPress Custom-BackGround Plugins 3.0 CSRF Shell Upload VulnerabilityPHPKB Multi-Language 9 Authenticated Remote Code ExecutionPHPKB Multi-Language 9 Authenticated Directory TraversalJoomla Component com_newsfeeds SQL injection vulnerabilityPHP Scripts Mall website-seller Script 2.0.5 Reflected XSS.PHPStudy Backdoor Remote Code execution (Metasploit)WordPress Search Meter 2.13.2 CSV InjectionPHPStudy Backdoor Remote Code Execution60CycleCMS news.php SQL InjectionWordpress Plugin Tutor LMS 1.5.3 Cross-Site Request Forgery (Add User)PHP-FPM 7.x Remote Code ExecutionPHP-Fusion CMS 9.03 Cross Site ScriptingMagento WooCommerce CardGate Payment Gateway 2.0.30 Payment Process BypassATutor 2.2.4 SQL Injectionword press plugin wpforms-lite 1.5.8.2 - Cross-Site ScriptingBugtraq: [SECURITY] [DSA 4628-1] php7.0 security updateWordPress WP Sitemap Page 1.6.2 Cross Site ScriptingWordPress Fruitful 3.8 Cross Site ScriptingBugtraq: [SECURITY] [DSA 4626-1] php7.3 security updateCritical Bug in WordPress Theme Plugin Opens 200,000 Sites to HackersphpMyChat Plus 1.98 SQL InjectionPHP 7.0 < 7.4 (Unix) debug_backtrace disable_functions BypassWordPress Ultimate-Member 2.1.3 Local File InclusionSuiteCRM 7.11.11 Phar DeserializationSuiteCRM 7.11.11 Second-Order PHP Object InjectionWordpress Plugin events-manager - Local File DisclosureWordpress Plugin wordfence.7.4.5 - Local File DisclosureWordpress Plugin tutor.1.5.3 - Local File InclusionWordpress Plugin tutor.1.5.3 - Cross-Site ScriptingLearnDash WordPress LMS 3.1.2 Cross Site ScriptingWordPress InfiniteWP Client Authentication BypassWordpress Plugin contact-form-7.5.1.6 - Remote File UploadWordPress Plugin ultimate-member 2.1.3 - Local File InclusionphpList 3.5.0 Authentication BypassPHP 7.0-7.4 disable_functions bypass PoC (*nix only)Revive Adserver 5.0.3 Cross Site ScriptingWordPress WP Fanzone 3.1 SQL InjectionBuilt with WordPress and WP FanZone Themes 3.1 SQL InjectionWordPress <= 5.2.3: Hardening BypassWordPress Time Capsule 1.21.16 Authentication BypassCarSpot – Dealership Wordpress Classified Theme v2.2.0 Multiple VulnerabilitiesWordPress Resim ara 1.0 Cross Site ScriptingCacti 1.2.8 data_input.php Remote Code Execution [Infragegestellt]Ultimate FAQ Plugin bis 1.8.29 auf WordPress DisplayFAQs.php Display_FAQ Cross Site ScriptingCacti 1.2.8 data_sources.php header Cross Site ScriptingReality | Estate Multipurpose WordPress Theme v2.5.1 Reflected XSSReal Estate 7 WordPress v2.9.4 Multiple VulnerabilitiesListingPro - WordPress Directory Theme v2.5.3 Reflected XSSTravel Booking WordPress Theme v2.7.8.5 Persistent XSSHouzez - Real Estate WordPress Theme v1.8.3.1 Reflected XSSQuickjob job board php script 1.0.0 - Persistent Cross-Site ScriptingQuickdate the ultimate php dating platform - XSS PersistenceBreaking PHP's mt_rand() with 2 values and no bruteforceWordpress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication BypassGlide Wordpress Themes Timthumb RCECityBook - Directory & Listing WordPress Theme v2.2.2 Multiple VulnerabilitiesTownHub - Directory & Listing WordPress Theme v1.0.2 Multiple VulnerabilitiesEasyBook – Directory & Listing WordPress Theme v1.2.1 Multiple VulnerabilitiesphpMyChat-Plus 1.98 Cross Site ScriptingWordPress Core < 5.3.x xmlrpc.php Denial of ServiceDrupal Warns Web Admins to Update CMS Sites to Patch a Critical FlawFlaw in Elementor and Beaver Addons Let Anyone Hack WordPress SitesRevive Adserver 4.2 Remote Code ExecutionSmartHouse Webapp 6.5.33 Cross-Site Request ForgeryWordpress 5.3 XSSMyBB 1.8.x UserCP XSS VulnerabilityDokuwiki 2018-04-22b Username EnumerationMYBB HTML Form Without CSRF ProtectionSuperlist - Directory WordPress Theme v2.9.2 Persistent XSSWordPress Plainview Activity Monitor 20161228 Remote Command ExecutionListingPro - WordPress Directory Theme v2.0.14.2 Reflected & Persistent XSSMagento Marketplace Suffers Data Breach Exposing Users' Account InfoCMS Made Simple 2.2.8 Remote Code ExecutionWordPress Social Photo Gallery 1.0 Remote Code ExecutionoXygen XML Editor 21.1.1 XML InjectionFusionPBX Operator Panel exec.php Command ExecutionFusionPBX Command exec.php Command ExecutionPunBB 1.4.4 Database DisclosureWordPress Google Review Slider 6.1 SQL Injectionwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 Cross Site Scriptingwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 SQL InjectionWordPress 5.2.4 Cross Origin Resource SharingWordpress FooGallery 1.8.12 Persistent Cross-Site Scripting
