Advisories archive Searching 24630 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24630 results found, please narrow your search...Revive Adserver 5.0.3 Cross Site ScriptingWordPress WP Fanzone 3.1 SQL InjectionBuilt with WordPress and WP FanZone Themes 3.1 SQL InjectionWordPress <= 5.2.3: Hardening BypassWordPress Time Capsule 1.21.16 Authentication BypassCarSpot – Dealership Wordpress Classified Theme v2.2.0 Multiple VulnerabilitiesWordPress Resim ara 1.0 Cross Site ScriptingCacti 1.2.8 data_input.php Remote Code Execution [Infragegestellt]Ultimate FAQ Plugin bis 1.8.29 auf WordPress DisplayFAQs.php Display_FAQ Cross Site ScriptingCacti 1.2.8 data_sources.php header Cross Site ScriptingReality | Estate Multipurpose WordPress Theme v2.5.1 Reflected XSSReal Estate 7 WordPress v2.9.4 Multiple VulnerabilitiesListingPro - WordPress Directory Theme v2.5.3 Reflected XSSTravel Booking WordPress Theme v2.7.8.5 Persistent XSSHouzez - Real Estate WordPress Theme v1.8.3.1 Reflected XSSQuickjob job board php script 1.0.0 - Persistent Cross-Site ScriptingQuickdate the ultimate php dating platform - XSS PersistenceBreaking PHP's mt_rand() with 2 values and no bruteforceWordpress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication BypassGlide Wordpress Themes Timthumb RCECityBook - Directory & Listing WordPress Theme v2.2.2 Multiple VulnerabilitiesTownHub - Directory & Listing WordPress Theme v1.0.2 Multiple VulnerabilitiesEasyBook – Directory & Listing WordPress Theme v1.2.1 Multiple VulnerabilitiesphpMyChat-Plus 1.98 Cross Site ScriptingWordPress Core < 5.3.x xmlrpc.php Denial of ServiceDrupal Warns Web Admins to Update CMS Sites to Patch a Critical FlawFlaw in Elementor and Beaver Addons Let Anyone Hack WordPress SitesRevive Adserver 4.2 Remote Code ExecutionSmartHouse Webapp 6.5.33 Cross-Site Request ForgeryWordpress 5.3 XSSMyBB 1.8.x UserCP XSS VulnerabilityDokuwiki 2018-04-22b Username EnumerationMYBB HTML Form Without CSRF ProtectionSuperlist - Directory WordPress Theme v2.9.2 Persistent XSSWordPress Plainview Activity Monitor 20161228 Remote Command ExecutionListingPro - WordPress Directory Theme v2.0.14.2 Reflected & Persistent XSSMagento Marketplace Suffers Data Breach Exposing Users' Account InfoCMS Made Simple 2.2.8 Remote Code ExecutionWordPress Social Photo Gallery 1.0 Remote Code ExecutionoXygen XML Editor 21.1.1 XML InjectionFusionPBX Operator Panel exec.php Command ExecutionFusionPBX Command exec.php Command ExecutionPunBB 1.4.4 Database DisclosureWordPress Google Review Slider 6.1 SQL Injectionwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 Cross Site Scriptingwaldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 SQL InjectionWordPress 5.2.4 Cross Origin Resource SharingWordpress FooGallery 1.8.12 Persistent Cross-Site ScriptingNew PHP Flaw Could Let Attackers Hack Sites Running On Nginx ServersWordPress Arforms 3.7.1 Directory TraversalMrBlog PHP Script Multiple VulnerabilitiesWordpress Sliced Invoices < = 3.8.2 Authenticated SQL InjectionWordpress Groundhogg < = 1.3.2 Authentificated SQL InjectionWordpress Sliced Invoices < = 3.8.2 Authenticated Reflected XSSWordPress Soliloquy Lite 2.5.6 Cross Site ScriptingWordPress FooGallery 1.8.12 Cross Site ScriptingWordPress Popup Builder 3.49 Cross Site ScriptingWordPress Broken Link Checker 1.11.8 Cross Site ScriptingvBulletin 5.0 < 5.5.4 updateAvatar Authenticated Remote Code ExecutionJoomla 1.5.15 Cactus 1.2.0 SQL InjectionJoomla Vemod News Mailer 1.0 SQL InjectionJoomla MisterEstate 1.5.26 SQL InjectionJoomla 1.5.26 Google Maps 1.0.4 SQL InjectionJoomla MediaLibrary 1.5.26 SQL InjectionJoomla 1.5.26 Mad4Joomla 1.1.x SQL InjectionJoomla SwPhotoGallery 1.5.26 SQL InjectionJoomla Sumoku 3.9.8 SQL InjectionvBulletin Releases Patch Update for New RCE and SQLi VulnerabilitiesvBulletin 5.5.4 Remote Code ExecutionvBulletin 5.5.4 SQL InjectionPHP 7.3 disable_functions BypassvBulletin 5.x 0-Day Pre-Auth Remote Command ExecutionZoner - Real Estate WordPress Theme v4.1.1 Persistent XSS & IDOR[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed PubliclyvBulletin 5.x Pre-Auth Remote Code ExecutionWordPress Plugin Sell Downloads 1.0.86 Cross-Site Scriptingjommla component ccnewsletter 2.2.4 - 'sbid' Parameter SQL InjectionDokeos 1.8.6.1 / 1.8.6.3 Arbitrary File UploadWarning: Researcher Drops phpMyAdmin Zero-Day Affecting All VersionsInJob | Multi-purpose for recruitment WordPress Theme v3.3.6 Reflected & Persistent XSSphpMyAdmin 4.9.0.1 Cross Site Request ForgeryWordPress Plugin Photo Gallery 1.5.34 SQL InjectionWordPress Checklist 1.1.5 Cross Site ScriptingWordPress Qwiz Online Quizzes And Flashcards 3.36 Cross Site ScriptingWordPress Sell Downloads 1.0.86 Cross Site ScriptingReality | Estate Multipurpose WordPress Theme Persistent XSSWordPress Plugin UserPro 4.9.32 Cross-Site ScriptingWordPress 5.2.3 Remote Cross Site Host ModificationNexos - Real Estate WordPress Theme SQL Injection & Persistent XSSWordpress Plugin Event Tickets 4.10.7.1 CSV InjectionWordPress API Bearer Auth 20181229 Cross Site ScriptingWordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site ScriptingMultiple Code Execution Flaws Found In PHP Programming LanguageWordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site ScriptingWordPress Spryng Payments WooCommerce 1.6.7 Cross Site ScriptingWordPress Event Tickets 4.10.7.1 CSV InjectionYouPHPTube 7.4 Remote Code ExecutionWordpress Gallery Objects Version 0.4 SQL Injection vulnerabilityX-Cart DesignHouse MonarchDigitalMedia MagicAngel SQL InjectionJoomla 1.5.26 Com_OrgChart Components 1.0.0 XSS SQL Injection
