Advisories archive Searching 25341 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
25341 results found, please narrow your search...Best Quiz, Exam and Survey Plugin bis 7.1.17 auf WordPress Quiz Result Page result_id erweiterte RechteWordPress Plugin Database Backups 1.2.2.6 Database Backup Download CSRFElemin Themify Framework themify-ajax.php erweiterte RechteSymfony 5.3.0/5.3.1 schwache Authentisierung [CVE-2021-32693]MantisBT bis 2.25.1 manage_custom_field_edit_page.php return Cross Site ScriptingBetterLinks Simple 301 Redirects Plugin bis 2.0.3 auf WordPress Nonce export_data erweiterte RechteSide Menu Add Fixed Side Buttons Plugin bis 3.1.4 auf WordPress GET Parameter did SQL InjectionSendit WP Newsletter Plugin bis 2.5.1 auf WordPress lists-management Page id_lista SQL InjectionXllentech English Islamic Calendar Plugin bis 2.6.7 auf WordPress year_number/month_number SQL InjectionSimple 301 Redirects Plugin bis 2.0.3 auf WordPress Nonce get_wildcard erweiterte RechteSP Project & Document Manager Plugin bis 4.21 auf WordPress File Extension erweiterte RechteCreate Magento App 1.5.1/1.5.2 magento-scripts Denial of ServiceWordPress wpDiscuz 7.0.4 Remote Code ExecutionEkattor Student Assignment php script-Stored XSSWordPress Visitors-App 0.3 Cross Site ScriptingWordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)iFlyChat Plugin bis 4.6.4 auf WordPress APP ID Setting Cross Site ScriptingEasy Preloader Plugin bis 1.0.0 auf WordPress Cross Site ScriptingAdiscon LogAnalyzer 4.1.10/4.1.11 login.php Cross Site ScriptingInvoice Ninja bis 4.3.x AccountRepository.php erweiterte RechtePbootcms 2.0.3 admin.php Cross Site ScriptingCacti 1.2.12 SQL Injection / Remote Command ExecutionFDCMS 4.0 Front-End FloginAction.class.php SQL InjectionPHP 8.1.0-dev User-Agentt Remote Code Execution explWordPress WP Prayer 1.6.1 Cross Site ScriptingWP Super Cache Plugin bis 1.7.2 auf WordPress Incomplete Fix CVE-2021-24209 erweiterte RechteExternal Media Plugin bis 1.0.33 auf WordPress AJAX Action erweiterte RechteCartFlows Create High Converting Sales Funnels Plugin bis 1.6.12 auf WordPress Settings facebook_pixel_id/google_analytics_id Cross Site ScriptingpfSense 2.4.5-p1 load_balancer_monitor.php Cross Site ScriptingHackers Actively Exploiting 0-Day in WordPress Plugin Installed on Over 17,000 SitesCMS Made Simple 2.2.14 Setting News Module Cross Site ScriptingIPS Community Suite 4.5.4.2 PHP Code InjectionVoIPmonitor bis 24.60 Configuration config/configuration.php SPOOLDIR erweiterte RechteWordPress LifterLMS 4.21.0 Cross Site ScriptingPHPFusion 9.03.50 Remote Code ExecutionCubeCart bis 6.4.2 Session Cookie schwache AuthentisierungPHP 8.1.0-dev Backdoor Remote Command InjectionPHPGurukul COVID19 Testing Management System 1.0 Parameter Admin name Cross Site ScriptingWordPress WP Statistics 13.0.7 SQL InjectionWordPress ReDi Restaurant Reservation 21.0307 Cross Site ScriptingWordPress Plugin Stop Spammers 2021.8 log Reflected Cross-site Scripting (XSS)Bludit 3.12.0 Backup File plugin.php erweiterte RechteQibosoftX1 1.0 client_upgrade_edition.php erweiterte RechtePHPPYUN bis 5.0.0 Alibaba Payment Interface alipay_function.php Information DisclosureAdvanced Guestbook 2.4.4 Cross Site ScriptingEgavilanMedia PHPCRUD 1.0 SQL InjectionTinyShop 1.2.0 /evaluate/index.php explain_first/again_explain Cross Site ScriptingListeo WordPress Theme < = 1.6.10 - Multiple Authenticated IDOR VulnerabilitiesGiveWP WordPress Plugin < = 2.10.3 - Authenticated Persistent XSSBello WordPress Theme < = 1.5.9 - Authenticated XFSBello WordPress Theme < = 1.5.9 - Unauthenticated Blind SQL InjectionGA Google Analytics WordPress Plugin < = 20210211 - Multiple Authenticated Persistent XSSGoto WordPress Theme 2.0 - Unauthenticated Blind SQL InjectionMediumish WordPress Theme < = 1.0.47 - Unauthenticated Reflected XSS & XFSMagecart Hackers Now hide PHP-Based Backdoor In Website FaviconsLAOBANCMS 2.0 admin/info.php Website SEO Keywords Cross Site ScriptingPHP Timeclock 1.04 Cross Site ScriptingBusiness Directory Plugin bis 5.11.0 auf WordPress Cross Site Request ForgeryBusiness Directory Plugin bis 5.11.1 auf WordPress Form Field Cross Site ScriptingRife Elementor Extensions & Templates Plugin bis 1.1.5 auf WordPress Widget Cross Site ScriptingImage Hover Effects - Elementor Addon Plugin bis 1.3.3 auf WordPress Widget Cross Site ScriptingLivemesh Addons for Elementor Plugin bis 6.7 auf WordPress Widget Cross Site ScriptingElementor Addon Elements Plugin bis 1.11.1 auf WordPress Widget Cross Site ScriptingElements Kit Lite Plugin/Elements Kit Pro Plugin bis 2.1.x auf WordPress Widget Cross Site ScriptingPremium Addons for Elementor Plugin bis 4.2.7 auf WordPress Widget Cross Site ScriptingWPBakery Page Builder Clipboard Plugin bis 4.5.7 auf WordPress AJAX Action erweiterte RechteOpenID Connect Generic Client Plugin 3.8.0/3.8.1 auf WordPress Cross Site Scriptingb2evolution 7-2-2 SQL InjectionWordPress WP Super Edit 2.5.4 Arbitrary File UploadCMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)TYPO3 6.2.1 SQL InjectioniCMS 7.0.13 HTTP Request database.admincp.php do_del Directory TraversalvTiger CRM 7.2 Calendar Export SQL InjectionMoodle 3.6.1 Persistent Cross-Site Scripting (XSS)Cacti 1.2.12 filter SQL Injection / Remote Code ExecutionA New PHP Composer Bug Could Enable Widespread Supply-Chain AttacksPHPMailer bis 6.4.0 Phar Deserialization addAttachment erweiterte RechteWordPress Plugin WPGraphQL 1.3.5 Denial of ServiceLocalFilesEditor Extension bis 11.4.0.0 auf Piwigo show_default.php file erweiterte RechtePHP OpenID Library vulnerable to XML external entity injectionWordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)WordPress WPGraphQL 1.3.5 Denial Of ServiceUnbound bis 1.9.4 respip/respip.c PufferüberlaufFast PHP Chat 1.3 | SQL injectionWordPress Plugin RSS for Yandex Turbo 1.29 Stored Cross-Site Scripting (XSS)OpenEMR 4.1.0 - SQL InjectionMagento LTS bis 19.4.12/20.0.8 SQL Injection [CVE-2021-21427]Magento LTS bis 19.4.12/20.0.8 erweiterte Rechte [CVE-2021-21426]Tribal Systems Zenario CMS 8.8.52729 Pugin Library Delete Module ajax.php ID SQL InjectionPHPGurukul Beauty Parlour Management System 1.0 add-services.php sername SQL InjectionPHPGurukul Beauty Parlour Management Syste 1.0 add-services.php sername Cross Site ScriptingLightCMS 1.3.5 External Image NEditorController.php Remote Privilege EscalationWordPress bis 5.7.0 Editor Information DisclosureAnuko Time Tracker vor 1.19.27.5431 common.php.lib ttMitigateCSRF Cross Site Request ForgeryPatreon Plugin bis 1.6.x auf WordPress Cross Site Request ForgeryPatreon Plugin bis 1.7.1 auf WordPress AJAX Action patreon_save_attachment_patreon_level Cross Site ScriptingPatreon Plugin bis 1.7.1 auf WordPress Login Form wp-login.php Cross Site ScriptingPatreon Plugin bis 1.6.x auf WordPress wp-config.php Information DisclosureAccessAlly Plugin bis 3.5.6 auf WordPress product-shortcode.php accessally_order_form Information DisclosureAdvanced Booking Calendar Plugin bis 1.6.6 auf WordPress GET Parameter calId Cross Site Scripting
