Advisories archive Searching 24593 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24593 results found, please narrow your search...CMS Made Simple 2.2.8 Remote Code ExecutionWordPress Social Photo Gallery 1.0 Remote Code ExecutionoXygen XML Editor 21.1.1 XML InjectionFusionPBX Operator Panel exec.php Command ExecutionFusionPBX Command exec.php Command ExecutionPunBB 1.4.4 Database DisclosureWordPress Google Review Slider 6.1 SQL Injectionwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 Cross Site Scriptingwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 SQL InjectionWordPress 5.2.4 Cross Origin Resource SharingWordpress FooGallery 1.8.12 Persistent Cross-Site ScriptingNew PHP Flaw Could Let Attackers Hack Sites Running On Nginx ServersWordPress Arforms 3.7.1 Directory TraversalMrBlog PHP Script Multiple VulnerabilitiesWordpress Sliced Invoices < = 3.8.2 Authenticated SQL InjectionWordpress Groundhogg < = 1.3.2 Authentificated SQL InjectionWordpress Sliced Invoices < = 3.8.2 Authenticated Reflected XSSWordPress Soliloquy Lite 2.5.6 Cross Site ScriptingWordPress FooGallery 1.8.12 Cross Site ScriptingWordPress Popup Builder 3.49 Cross Site ScriptingWordPress Broken Link Checker 1.11.8 Cross Site ScriptingvBulletin 5.0 < 5.5.4 updateAvatar Authenticated Remote Code ExecutionJoomla 1.5.15 Cactus 1.2.0 SQL InjectionJoomla Vemod News Mailer 1.0 SQL InjectionJoomla MisterEstate 1.5.26 SQL InjectionJoomla 1.5.26 Google Maps 1.0.4 SQL InjectionJoomla MediaLibrary 1.5.26 SQL InjectionJoomla 1.5.26 Mad4Joomla 1.1.x SQL InjectionJoomla SwPhotoGallery 1.5.26 SQL InjectionJoomla Sumoku 3.9.8 SQL InjectionvBulletin Releases Patch Update for New RCE and SQLi VulnerabilitiesvBulletin 5.5.4 Remote Code ExecutionvBulletin 5.5.4 SQL InjectionPHP 7.3 disable_functions BypassvBulletin 5.x 0-Day Pre-Auth Remote Command ExecutionZoner - Real Estate WordPress Theme v4.1.1 Persistent XSS & IDOR[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed PubliclyvBulletin 5.x Pre-Auth Remote Code ExecutionWordPress Plugin Sell Downloads 1.0.86 Cross-Site Scriptingjommla component ccnewsletter 2.2.4 - 'sbid' Parameter SQL InjectionDokeos 1.8.6.1 / 1.8.6.3 Arbitrary File UploadWarning: Researcher Drops phpMyAdmin Zero-Day Affecting All VersionsInJob | Multi-purpose for recruitment WordPress Theme v3.3.6 Reflected & Persistent XSSphpMyAdmin 4.9.0.1 Cross Site Request ForgeryWordPress Plugin Photo Gallery 1.5.34 SQL InjectionWordPress Checklist 1.1.5 Cross Site ScriptingWordPress Qwiz Online Quizzes And Flashcards 3.36 Cross Site ScriptingWordPress Sell Downloads 1.0.86 Cross Site ScriptingReality | Estate Multipurpose WordPress Theme Persistent XSSWordPress Plugin UserPro 4.9.32 Cross-Site ScriptingWordPress 5.2.3 Remote Cross Site Host ModificationNexos - Real Estate WordPress Theme SQL Injection & Persistent XSSWordpress Plugin Event Tickets 4.10.7.1 CSV InjectionWordPress API Bearer Auth 20181229 Cross Site ScriptingWordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site ScriptingMultiple Code Execution Flaws Found In PHP Programming LanguageWordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site ScriptingWordPress Spryng Payments WooCommerce 1.6.7 Cross Site ScriptingWordPress Event Tickets 4.10.7.1 CSV InjectionYouPHPTube 7.4 Remote Code ExecutionWordpress Gallery Objects Version 0.4 SQL Injection vulnerabilityX-Cart DesignHouse MonarchDigitalMedia MagicAngel SQL InjectionJoomla 1.5.26 Com_OrgChart Components 1.0.0 XSS SQL InjectionJoomla 1.5.26 Com_FireBoard Components 1.1.3 SQL InjectionMambo Miro International Infoerbe XSS SQL InjectionvBulletin Reflected XSS via "Click here"Joomla 1.5.26 Com_AlphaContent Components 3.x SQL InjectionJoomla 1.5.26 Com_EstateAgent Components 3.x SQL InjectionMediaWiki 1.27.4 content sniffing VulnerabilityphpPgAdmin-5.1 file enumeration && XSSMediaWiki OAuth2 Client 0.3 Cross Site Request ForgeryHow Activity Logs Help WordPress Admins Better Manage Website SecurityJoomla JS Jobs 1.2.5 SQL InjectionosTicket 1.12 Formula InjectionosTicket 1.12 File Upload Cross Site ScriptingosTicket 1.12 Cross Site ScriptingJoomla JS Support Ticket 1.1.5 Arbitrary File DownloadJoomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 SQL InjectionWordPress JoomSport 3.3 SQL InjectionATutor 2.2.4 Arbitrary File Upload / Command ExecutionActive PHP Bookmarks 1.3 SQL Injectionibrowser phpthumb Command InjectionYahei-PHP Prober 0.4.7 HTML InjectionOvidentia 8.4.3 SQL InjectionReal Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS InjectionWordPress OneSignal 1.17.5 Cross Site ScriptingWordPress Plugin OneSignal 1.17.5 subdomain Persistent Cross-Site ScriptingphpFK 8.0 version Reinstall Add Admin VulnerabilityPHP Laravel Framework Token Unserialize Remote Command ExecutionNagios XI 5.5.6 Magpie_debug.php Root Remote Code Execution (Metasploit)phpFK lite-version Cross Site ScriptingWordPress Like Button 1.6.0 Authentication BypassMagento 2.3.1: Unauthenticated Stored XSS to RCESquirrelMail 1.4.22 Cross Site ScriptingNagios XI Magpie_debug.php Root Remote Code ExecutiondotCMS 5.1.5: Exploiting H2 SQL injection to RCEiLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS InjectionSeedDMS out.GroupMgr.php Cross Site ScriptingdotProject 2.1.9 SQL InjectionWordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (Unautorized)
