Advisories archive Searching 24550 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24550 results found, please narrow your search...phpMyAdmin 4.9.0.1 Cross Site Request ForgeryWordPress Plugin Photo Gallery 1.5.34 SQL InjectionWordPress Checklist 1.1.5 Cross Site ScriptingWordPress Qwiz Online Quizzes And Flashcards 3.36 Cross Site ScriptingWordPress Sell Downloads 1.0.86 Cross Site ScriptingReality | Estate Multipurpose WordPress Theme Persistent XSSWordPress Plugin UserPro 4.9.32 Cross-Site ScriptingWordPress 5.2.3 Remote Cross Site Host ModificationNexos - Real Estate WordPress Theme SQL Injection & Persistent XSSWordpress Plugin Event Tickets 4.10.7.1 CSV InjectionWordPress API Bearer Auth 20181229 Cross Site ScriptingWordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site ScriptingMultiple Code Execution Flaws Found In PHP Programming LanguageWordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site ScriptingWordPress Spryng Payments WooCommerce 1.6.7 Cross Site ScriptingWordPress Event Tickets 4.10.7.1 CSV InjectionYouPHPTube 7.4 Remote Code ExecutionWordpress Gallery Objects Version 0.4 SQL Injection vulnerabilityX-Cart DesignHouse MonarchDigitalMedia MagicAngel SQL InjectionJoomla 1.5.26 Com_OrgChart Components 1.0.0 XSS SQL InjectionJoomla 1.5.26 Com_FireBoard Components 1.1.3 SQL InjectionMambo Miro International Infoerbe XSS SQL InjectionvBulletin Reflected XSS via "Click here"Joomla 1.5.26 Com_AlphaContent Components 3.x SQL InjectionJoomla 1.5.26 Com_EstateAgent Components 3.x SQL InjectionMediaWiki 1.27.4 content sniffing VulnerabilityphpPgAdmin-5.1 file enumeration && XSSMediaWiki OAuth2 Client 0.3 Cross Site Request ForgeryHow Activity Logs Help WordPress Admins Better Manage Website SecurityJoomla JS Jobs 1.2.5 SQL InjectionosTicket 1.12 Formula InjectionosTicket 1.12 File Upload Cross Site ScriptingosTicket 1.12 Cross Site ScriptingJoomla JS Support Ticket 1.1.5 Arbitrary File DownloadJoomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 SQL InjectionWordPress JoomSport 3.3 SQL InjectionATutor 2.2.4 Arbitrary File Upload / Command ExecutionActive PHP Bookmarks 1.3 SQL Injectionibrowser phpthumb Command InjectionYahei-PHP Prober 0.4.7 HTML InjectionOvidentia 8.4.3 SQL InjectionReal Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS InjectionWordPress OneSignal 1.17.5 Cross Site ScriptingWordPress Plugin OneSignal 1.17.5 subdomain Persistent Cross-Site ScriptingphpFK 8.0 version Reinstall Add Admin VulnerabilityPHP Laravel Framework Token Unserialize Remote Command ExecutionNagios XI 5.5.6 Magpie_debug.php Root Remote Code Execution (Metasploit)phpFK lite-version Cross Site ScriptingWordPress Like Button 1.6.0 Authentication BypassMagento 2.3.1: Unauthenticated Stored XSS to RCESquirrelMail 1.4.22 Cross Site ScriptingNagios XI Magpie_debug.php Root Remote Code ExecutiondotCMS 5.1.5: Exploiting H2 SQL injection to RCEiLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS InjectionSeedDMS out.GroupMgr.php Cross Site ScriptingdotProject 2.1.9 SQL InjectionWordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (Unautorized)WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code ExecutionWordPress - ChurcHope Responsive Themes 4.7.x Directory Traversal VulnerabilityWordpress Plugins Simple-e-commerce-shopping-cart DatabaseSQL Backup Disclosure VulnerabilityWordpress Plugins Cart66-Lite DatabaseSQL Backup Disclosure VulnerabilityDigaSell - Digital store PHP Script V1.0.0 XSS VulnerabilityWebLord WL-Nuke Coppermine for PHP-Nuke v1.3.1c SQL InjectionphpMyAdmin 4.8 Cross Site Request ForgeryWordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution (UPLOAD SHELL)MyBB <= 1.8.20: From Stored XSS to RCEPHP Security Advent Calendar 2018New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack SessionsWordPress 5.2.1 Antena_Ri Institute Themes 2.0 Open RedirectionWordPress Satoshi 2.0 Cross Site Request Forgery / File UploadWordPress Plugin Form Maker 1.13.3 SQL InjectionShopware createInstanceFromNamedArguments PHP Object Instantiation Remote Code ExecutionHackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit MalwareWordPress 4.9.10 Xunjin Themes 4.6 Open RedirectionWordPress 4.8.9 Tigin Themes 1.0.5 Open RedirectionWordPress 5.2.1 Divi-Child Themes 1.0 Open RedirectionWordPress 5.1.1 jilijilibegin Themes LTS 4.6 Open RedirectionWordPress 4.9.x Jingke Themes 1.0 Open RedirectionJoomla 3.9.6 Com_Attachments Components 3.x Unauthorized File InsertionWordPress 4.9.10 4DMayi Themes 4.6 Open RedirectionWordPress 5.2.1 DingTalk Themes LTS 4.6 Open RedirectionWordPress 4.9.8 LaneMotorSport Responsive Themes 1.8.4 Open RedirectionWordPress 4.6.14 lqcPlugin-regiePublicites Plugins 1.0 Open RedirectionWordPress 4.6.12 PHPL Plugins 1.0 Open RedirectionWordPress 5.2.1 Dankov Planer Themes 1.1.2 Open RedirectionWordPress 4.9.10 Aliyun Themes 5.2 Open RedirectionWordPress 4.4.18 Ad-Manager Plugins 1.1.2 Open RedirectionShopware createInstanceFromNamedArguments PHP Object InstantiationPHP PHP_INI_SYSTEM Ineffective ControlsphpKF 1.10 XSS / CSRF / SQL InjectionXoops Wordpress Modules WP-Ktai 0.5.0 Japan Open RedirectionHorde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails < = v5.2.22Vuln: Drupal Novalnet Payment Module- Ubercart Module SQL Injection VulnerabilityPHP-Fusion 9.03.00 Remote Code ExecutionXOOPS CMS 2.5.9 SQL InjectionWordPress Form Maker 1.13.3 SQL Injection(Wordpress) Ninja Forms File Uploads Extension < = 3.0.22 – Unauthenticated Arbitrary File UploadWordPress Diarise 1.5.9 Local File DisclosureWordpress - W3 Total Cache - SSRF / RCEWordpress Social Warfare Remote Code Execution
