Advisories archive Searching 24714 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24714 results found, please narrow your search...NeonLMS - Learning Management System PHP Laravel Script - 'Messages' Persistent Cross Site ScriptingWordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)OpenEMR Remote Code ExecutionWordpress Plugin Form Maker 5.4.1 s SQL Injection (Authenticated)PHP-Fusion 9.03.50 SQL InjectionWordPress Ajax Load More 5.3.1 SQL InjectionvBulletin 5.6.1 SQL InjectionNetsweeper WebAdmin unixlogin.php Python Code InjectionCuteNews 2.1.2 Authenticated Shell UploadAn Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch NowCuteNews 2.1.2 Arbitrary File DeletionWordPress ChopSlider 3 SQL Injectionjohncaruso PHP Photo Gallery Remote File Inculsion Vulnerability [ RFI ]WordPress Themes begin-its-1 Remote File InclusionJoomla com_content 1.5 - Blind SQL VulnerabilityCritical Bugs Found in 3 Popular e-Learning Plugins for WordPress SitesPHP-Fusion 9.03.50 Arbitrary File UploadphpCollab 2.7.2 - Arbitrary File UploadCritical Security Patches Released for Magento, Adobe Illustrator and BridgephpCollab v2.7.2 - CSRF Arbitrary File Upload RCE PoC ScriptCatch Breadcrumb v1.5.4 WordPress plugin - Unauthenticated Reflected XSSWordPress Weekender Newspaper Themes 9.0 Open RedirectionThinkPHP 5.0.23 Remote Code ExecutionLifeRay CMS (Fckeditor) Arbitrary File Upload VulnerabilityPlaySMS index.php Unauthenticated Template Injection Code ExecutionHorde Groupware Webmail Edition 5.2.22 Remote Code ExecutionWordPress Eatery Restaurant Themes 2.2 Open RedirectionWordPress justnews-child Themes 1.0 Open RedirectionWordPress Nashvilleparent Themes 1.10 Open RedirectionWordPress Attitude Themes 1.1.1 Open RedirectionWordPress Event-Registration Plugins 5.43 Arbitrary File UploadWordPress Randy Peterman Murph StatTraq 1.1 SQL InjectionJoomla GMapFP 3.30 Arbitrary File UploadImpressCMS 1.3.11 - Why you should not trust PHP_SELFWordPress Wmyx2.0 Themes 2.0 Open RedirectionWordPress ProStore Themes 1.1.2 Open RedirectionWordPress Eurielle Themes 0.1.0 Open RedirectionWordPress FxInfinityTheme Themes 2.2.1 Open Redirection Remote File InclusionWordPress Upward Themes 1.5 Open RedirectionJoomla! com_hdwplayer 4.2 search.php SQL InjectionWordPress Grimag Themes 1.2.5 Open RedirectionWordpress Plugin PicUploader 1.0 - Remote File UploadrConfig 3.9.4 search.crud.php Remote Command InjectionWordPress Aviary Image Editor Add-On For Gravity Forms Plugins 3.0 Beta R7 CSRF Shell Upload VulnerabilityWordPress WPTouch Switch Desktop 3.x Open RedirectionWordPress Event Themes 1.4 CSRF Shell Upload VulnerabilityWordPress HillReproGraphics Themes 2.0.1 CSRF Shell Upload VulnerabilityWordPress LM17 LottoMaticaItalia Themes 1.0 CSRF Shell Upload VulnerabilityWordPress DailyDeal Themes 3.0 CSRF Shell Upload VulnerabilityWordPress Custom-BackGround Plugins 3.0 CSRF Shell Upload VulnerabilityPHPKB Multi-Language 9 Authenticated Remote Code ExecutionPHPKB Multi-Language 9 Authenticated Directory TraversalJoomla Component com_newsfeeds SQL injection vulnerabilityPHP Scripts Mall website-seller Script 2.0.5 Reflected XSS.PHPStudy Backdoor Remote Code execution (Metasploit)WordPress Search Meter 2.13.2 CSV InjectionPHPStudy Backdoor Remote Code Execution60CycleCMS news.php SQL InjectionWordpress Plugin Tutor LMS 1.5.3 Cross-Site Request Forgery (Add User)PHP-FPM 7.x Remote Code ExecutionPHP-Fusion CMS 9.03 Cross Site ScriptingMagento WooCommerce CardGate Payment Gateway 2.0.30 Payment Process BypassATutor 2.2.4 SQL Injectionword press plugin wpforms-lite 1.5.8.2 - Cross-Site ScriptingBugtraq: [SECURITY] [DSA 4628-1] php7.0 security updateWordPress WP Sitemap Page 1.6.2 Cross Site ScriptingWordPress Fruitful 3.8 Cross Site ScriptingBugtraq: [SECURITY] [DSA 4626-1] php7.3 security updateCritical Bug in WordPress Theme Plugin Opens 200,000 Sites to HackersphpMyChat Plus 1.98 SQL InjectionPHP 7.0 < 7.4 (Unix) debug_backtrace disable_functions BypassWordPress Ultimate-Member 2.1.3 Local File InclusionSuiteCRM 7.11.11 Phar DeserializationSuiteCRM 7.11.11 Second-Order PHP Object InjectionWordpress Plugin events-manager - Local File DisclosureWordpress Plugin wordfence.7.4.5 - Local File DisclosureWordpress Plugin tutor.1.5.3 - Local File InclusionWordpress Plugin tutor.1.5.3 - Cross-Site ScriptingLearnDash WordPress LMS 3.1.2 Cross Site ScriptingWordPress InfiniteWP Client Authentication BypassWordpress Plugin contact-form-7.5.1.6 - Remote File UploadWordPress Plugin ultimate-member 2.1.3 - Local File InclusionphpList 3.5.0 Authentication BypassPHP 7.0-7.4 disable_functions bypass PoC (*nix only)Revive Adserver 5.0.3 Cross Site ScriptingWordPress WP Fanzone 3.1 SQL InjectionBuilt with WordPress and WP FanZone Themes 3.1 SQL InjectionWordPress <= 5.2.3: Hardening BypassWordPress Time Capsule 1.21.16 Authentication BypassCarSpot – Dealership Wordpress Classified Theme v2.2.0 Multiple VulnerabilitiesWordPress Resim ara 1.0 Cross Site ScriptingCacti 1.2.8 data_input.php Remote Code Execution [Infragegestellt]Ultimate FAQ Plugin bis 1.8.29 auf WordPress DisplayFAQs.php Display_FAQ Cross Site ScriptingCacti 1.2.8 data_sources.php header Cross Site ScriptingReality | Estate Multipurpose WordPress Theme v2.5.1 Reflected XSSReal Estate 7 WordPress v2.9.4 Multiple VulnerabilitiesListingPro - WordPress Directory Theme v2.5.3 Reflected XSSTravel Booking WordPress Theme v2.7.8.5 Persistent XSSHouzez - Real Estate WordPress Theme v1.8.3.1 Reflected XSSQuickjob job board php script 1.0.0 - Persistent Cross-Site Scripting
