Advisories archive Searching 24040 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24040 results found, please narrow your search...WordPress Dreamsmiths Themes 0.0.1 Arbitrary File DownloadphpMeteo v1.6 sensitive information disclosure VulnerabilityNew PHP Code Execution Attack Puts WordPress Sites at RiskPimcore 5.2.3 SQL Injection / Cross-Site Scripting / Cross-Site Request ForgeryActive Matrimonial CMS v1.4 - Arbitrary File UploadNew PHP Exploitation Technique AddedPlayTube - The Ultimate PHP Video CMS & Video Sharing Platform 1.4.3 privilege escalation VulnerabilitycPanel Filename Based Stored XSS < = v76OpenEMR < 5.0.1 Remote Code ExecutionPHP Template Store Script 3.0.6 Cross Site ScriptingVuln: PHP Multiple Heap Buffer Overflow VulnerabilitiesLaravel 4.2 sensitive information disclosure VulnerabilityCMS ISWEB 3.5.3 Directory TraversalBugtraq: [SECURITY] [DSA 4262-1] symfony security updateAuditor Website 2.0.1 Cross-Site Scriptinguhotel booking 2.79. XML external entity injection VulnerabilitySymfony Flaw Leaves Drupal Sites Vulnerable to Hackers—Patch NowDataLife Engine 13.0 Cross Site ScriptingDrupal Access Control Flaw in Symfony HttpFoundation Component Lets Remote Users Bypass Security Restrictions on the Target SystemSecuring Credentials for PHP with DockerKeeping Credentials Secure in PHPDataLife Engine Core Cross Site Scripting (XSS) & Execution CodeWeb Design itemDesc.php site sql injectionSuper Cms Blog Pro PHP Script v1.0 - XSSWordPress Plugin Responsive Thumbnail Slider Arbitrary File Upload (Metasploit)Symfony Remote Information DisclosureSuper CMS Blog Pro PHP Script 1.0 SQL Injection / Shell UploadWordPress Gwolle Guestbook 2.5.3 Cross Site ScriptingWordPress Strong Testimonials 2.31.4 Cross Site ScriptingWordPress Snazzy Maps 1.1.3 Cross Site ScriptingBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Gwolle Guestbook Plugin XSS Security VulnerabilityBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Strong Testimonials Plugin Multiple XSS Security VulnerabilitiesBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Snazzy Maps Plugin Multiple XSS Security VulnerabilitiesMyBB New Threads 1.1 Cross Site ScriptingPrestaShop < 1.6.1.19 AES CBC Privilege EscalationCMS Made Simple 2.2.5 Authenticated Remote Command ExecutionModx Revolution Remote Code ExecutionBugtraq: [SECURITY] [DSA 4250-1] wordpress security updatePHP Whois Script Cross Site Scripting VulnerabilityPrestaShop 1.6 Privilege EscalationphpMyAdmin 4.8.1 Authenticated Remote Code Execution (metasploit)Wchat - Fully Responsive PHP AJAX Chat Script 1.5 unrestricted file upload Vulnerabilitywordpress file-away plugin - File DisclosurePHPMailer Test Page < 5.0 Cross-Site-ScriptingWordpres Simple 301 Redirects - Addon - Bulk CSV Uploader plugin Cross Site Scripting VulnerabilityVuln: phpMyAdmin PMASA-2017-8 Security Bypass Vulnerabilityjoomla jsn gruve pro 2.1.0 Directory traversal VulnerabilityVuln: WordPress CVE-2018-12895 Directory Traversal VulnerabilityWordPress 4.9.6 Arbitrary File DeletionWordPress Plugin Advanced Order Export For WooCommerce < 1.5.4 CSV InjectionWordpress <= 4.9.6 Arbitrary File Deletion Vulnerability ExploitUnpatched WordPress Flaw Gives Attackers Full Control Over Your SiteWARNING: WordPress File Delete to Code ExecutionVuln: PHP 'ext/exif/exif.c' Denial of Service VulnerabilityWordPress Plugin iThemes Security < 7.0.3 SQL InjectionWordPress Plugin weixin robot advanced 4.4 Cross-Site-ScriptingWebinarPHP Script Cross-Site-ScriptingWordPress Design By SmartCatDesign.Net ImageManager Plugin Remote File Upload VulnerabilityWordPress Design By SmartCat.Net ImageManager Plugin Remote File Upload VulnerabilityphpMyAdmin 4.8.1 (Authenticated) Local File InclusionWordPress DrcSystems EthicSolutions Jssor-Slider Library Plugin Arbitrary File Upload VulnerabilityDrupal 7 ItalianGov Fi.it Scrivi Al Comune Arbitrary File Upload VulnerabilityJoomla! Component Jomres 9.11.2 Cross-Site Request Forgery (Add User)Wordpress <= 4.8.2 SQL Injection POCphpMyAdmin 4.8.x LFI to RCE (Authorization Required)phpMyAdmin 4.7.x XSRF/CSRF Vulnerability (PMASA-2017-9) ExploitMagento Hackers Using Simple Evasion Trick to Reinfect Sites With MalwareTestlink 1.9.18 gettestcasesummary.php SQL Injection 0dayphpMyAdmin 4.x Remote Code ExecutionNewsBee CMS 1.4 content-sniffing VulnerabilityBugtraq: [SECURITY] [DSA 4228-1] spip security updateJoomla Component Ek rishta 2.10 SQL InjectionRedaxo CMS Mediapool Arbitrary File UploadWordPress Tooltipy 5.0 Cross Site ScriptingWordPress Redirection 2.7.3 Remote File InclusionWordPress Tooltipy 5.0 Cross Site Request ForgeryBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress WP Google Map Plugin Multiple SQL injection Security VulnerabilitiesBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities (XSS and SQLi)wp-content themes clinell Local File Disclosure Vulnerabilitywp-content themes ypo-theme Local File Disclosure Vulnerabilitywp-content uploads sb-download.php Local File Disclosure VulnerabilityJoomla com_rsfiles Local File Disclosure VulnerabilityWordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload VulnerabilityBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Contact Form Maker Plugin Multiple Security VulnerabilitiesBugtraq: DefenseCode ThunderScan SAST Advisory: WordPress Form Maker Plugin Multiple Security VulnerabilitiesJoomla! Component dj-imageslider 3.2.3-3.1.0 - Arbitrary File Upload VulnerabilityPHP 7.2.2 php_stream_url_wrap_http_ex Buffer OverflowMyBB Recent Threads 1.0 Cross Site ScriptingOver 115,000 Drupal Sites Still Vulnerable to Drupalgeddon2 ExploitVuln: WordPress CVE-2018-10101 Security VulnerabilityPHP Dashboards NEW 5.5 SQL InjectionWordPress Headway Theme The Drag and Drop SQL Injection VulnerabilityWordpress Plugin Events Calendar SQL InjectionJoomla! Component jCart for OpenCart 2.3.0.2 Cross-Site Request ForgeryMyBB Moderator Log Notes 1.1 Cross Site ScriptingJoomla Content Editor JCE ImageManager Vulnerability Mass Auto ExploiterWordPress Plugin Peugeot Music Arbitrary File UploadBugtraq: PHP Login & User Management <= 4.1.0 - Arbitrary File Upload (CVE-2018-11392)Joomla! Multiple Flaws Let Remote Authenticated Users Modify ACLs and Execute Arbitrary Code, Remote Users Obtain Potentially Sensitive Information and Conduct Cross-Site Scripting Attacks, and Local Users Obtain PasswordsWP-Plugins Peugeot Music Plugin Arbitrary File Upload
