Advisories archive Searching 23981 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
23981 results found, please narrow your search...phpMyAdmin 4.8.1 (Authenticated) Local File InclusionWordPress DrcSystems EthicSolutions Jssor-Slider Library Plugin Arbitrary File Upload VulnerabilityDrupal 7 ItalianGov Fi.it Scrivi Al Comune Arbitrary File Upload VulnerabilityJoomla! Component Jomres 9.11.2 Cross-Site Request Forgery (Add User)Wordpress <= 4.8.2 SQL Injection POCphpMyAdmin 4.8.x LFI to RCE (Authorization Required)phpMyAdmin 4.7.x XSRF/CSRF Vulnerability (PMASA-2017-9) ExploitMagento Hackers Using Simple Evasion Trick to Reinfect Sites With MalwareTestlink 1.9.18 gettestcasesummary.php SQL Injection 0dayphpMyAdmin 4.x Remote Code ExecutionNewsBee CMS 1.4 content-sniffing VulnerabilityBugtraq: [SECURITY] [DSA 4228-1] spip security updateJoomla Component Ek rishta 2.10 SQL InjectionRedaxo CMS Mediapool Arbitrary File UploadWordPress Tooltipy 5.0 Cross Site ScriptingWordPress Redirection 2.7.3 Remote File InclusionWordPress Tooltipy 5.0 Cross Site Request ForgeryBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security VulnerabilitiesBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi)wp-content themes clinell Local File Disclosure Vulnerabilitywp-content themes ypo-theme Local File Disclosure Vulnerabilitywp-content uploads sb-download.php Local File Disclosure VulnerabilityJoomla com_rsfiles Local File Disclosure VulnerabilityWordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload VulnerabilityBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security VulnerabilitiesBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security VulnerabilitiesJoomla! Component dj-imageslider 3.2.3-3.1.0 - Arbitrary File Upload VulnerabilityPHP 7.2.2 php_stream_url_wrap_http_ex Buffer OverflowMyBB Recent Threads 1.0 Cross Site ScriptingOver 115,000 Drupal Sites Still Vulnerable to Drupalgeddon2 ExploitVuln: WordPress CVE-2018-10101 Security VulnerabilityPHP Dashboards NEW 5.5 SQL InjectionWordPress Headway Theme The Drag and Drop SQL Injection VulnerabilityWordpress Plugin Events Calendar SQL InjectionJoomla! Component jCart for OpenCart 2.3.0.2 Cross-Site Request ForgeryMyBB Moderator Log Notes 1.1 Cross Site ScriptingJoomla Content Editor JCE ImageManager Vulnerability Mass Auto ExploiterWordPress Plugin Peugeot Music Arbitrary File UploadBugtraq: PHP Login & User Management <= 4.1.0 - Arbitrary File Upload (CVE-2018-11392)Joomla! Multiple Flaws Let Remote Authenticated Users Modify ACLs and Execute Arbitrary Code, Remote Users Obtain Potentially Sensitive Information and Conduct Cross-Site Scripting Attacks, and Local Users Obtain PasswordsWP-Plugins Peugeot Music Plugin Arbitrary File UploadWordPress Muller Design Studio DiyThemes Rich-Widget Editor Arbitrary File UploadMyBB 1.8.x Denial of Service AttackPHP-Fusion Information DisclosureMyBB Admin Notes 1.1 Cross Site Request ForgeryVuln: PHP CVE-2018-10545 Security Bypass VulnerabilityVuln: PHP Multiple Security VulnerabilitiesWordPress WP User Groups 2.0.0 Cross Site Request ForgeryJoomla com_training SQL Injection VulnerabilityMantis 1.1.3 manage_proj_page PHP Code ExecutionMyBB Latest Posts On Profile 1.1 Cross Site ScriptingphpVirtualBox 5.2 Cross Site Request Forgery / Cross Site ScriptingWordpress wp-js-external-link-info redirectPlaySMS import.php Code ExecutionPlaySMS sendfromfile.php Code ExecutionWordPress Plugin User Role Editor < 4.25 Privilege EscalationBugtraq: [SECURITY] [DSA 4193-1] wordpress security updateWordpress Hestia 1.1.73 Theme XSS VulnLifeRay (Fckeditor) Arbitrary File Upload VulnerabilityVuln: PHP CVE-2018-10547 Incomplete Fix Cross Site Scripting VulnerabilityPHP Multiple Flaws Let Remote Users Obtain Potentially Sensitive Information, Deny Service, and Conduct Cross-Site Scripting AttacksMyBB Threads To Link 1.3 Cross Site ScriptingWordPress UK Cookie Consent 2.3.9 Cross Site Scriptinghamayeshnegar CMS - 'downloadpaper.php' SQL InjectionGitList 0.6 Remote Code ExecutionWordPress WP With Spritz 1.0 File InclusionRelease of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under AttackDrupal Array Validation Flaw Lets Remote Users Execute Arbitrary Code on the Target SystemBugtraq: [SECURITY] [DSA 4180-1] drupal7 security updateWordPress Woo Import Export 1.0 Arbitrary File DeletionQuixplorer 2.4.1 Beta Cross Site ScriptingThird Critical Drupal Flaw Discovered—Patch Your Sites ImmediatelyphpMyAdmin 4.8.0 < 4.8.0-1 Cross-Site Request ForgeryMonstra cms 3.0.4 Persitent Cross-Site ScriptingDrupal Avatar Uploader 7.x-1.0-beta8 Arbitary File DownloadAnother Critical Flaw Found In Drupal Core—Patch Your Sites ImmediatelyHackers Exploiting Drupal Vulnerability to Inject Cryptocurrency MinersCakePHP Test Suite 2.7.0 Xss VulnerabilityJoomla! Component jDownloads 3.2.58 Cross Site ScriptingDrupal Drupalgeddon2 Remote Code Execution (Ruby)Drupal 0day Remote PHP Code Execution (Perl)Hackers Have Started Exploiting Drupal RCE Exploit Released YesterdayNielsen Wordpress Theme Xss Stored ExploitWordPress Content Injection and DefaceDrupal 0day Remote PHP Code Execution (curl)Drupal 0day Remote PHP Code Execution (Python)Joomla Convert Forms 2.0.3 CSV InjectionWordPress Google Drive 2.2 Remote Code ExecutionWordPress Plugin WordPress File Upload 4.3.3 Stored XSSWordPress Activity Logs 2.4.0 Cross Site ScriptingWordPress Plugin Gratifikasi 1.3 Cross Site Scripting (XSS)WordPress Viral Optins Plugin Exploit and File UploadMyBB Recent Threads On Index 17.0 Cross Site ScriptingWolfCMS 0.8.3.1 Open RedirectBugtraq: [SECURITY] [DSA 4168-1] squirrelmail security updateJoomla JS Jobs 1.2.0 Cross Site ScriptingMyBB Downloads 2.0.3 Cross Site ScriptingCacti Input Validation Flaw in get_current_page() Lets Remote Users Conduct Cross-Site Scripting AttacksCouponPHP CMS - Arbitrary File UploadWordpress Plugin Contact Form 7 to Database Extension 2.10.32 CSV Injection
