Advisories archive Searching 24521 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24521 results found, please narrow your search...Joomla JS Jobs 1.2.5 SQL InjectionosTicket 1.12 Formula InjectionosTicket 1.12 File Upload Cross Site ScriptingosTicket 1.12 Cross Site ScriptingJoomla JS Support Ticket 1.1.5 Arbitrary File DownloadJoomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 SQL InjectionWordPress JoomSport 3.3 SQL InjectionATutor 2.2.4 Arbitrary File Upload / Command ExecutionActive PHP Bookmarks 1.3 SQL Injectionibrowser phpthumb Command InjectionYahei-PHP Prober 0.4.7 HTML InjectionOvidentia 8.4.3 SQL InjectionReal Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS InjectionWordPress OneSignal 1.17.5 Cross Site ScriptingWordPress Plugin OneSignal 1.17.5 subdomain Persistent Cross-Site ScriptingphpFK 8.0 version Reinstall Add Admin VulnerabilityPHP Laravel Framework Token Unserialize Remote Command ExecutionNagios XI 5.5.6 Magpie_debug.php Root Remote Code Execution (Metasploit)phpFK lite-version Cross Site ScriptingWordPress Like Button 1.6.0 Authentication BypassMagento 2.3.1: Unauthenticated Stored XSS to RCESquirrelMail 1.4.22 Cross Site ScriptingNagios XI Magpie_debug.php Root Remote Code ExecutiondotCMS 5.1.5: Exploiting H2 SQL injection to RCEiLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS InjectionSeedDMS out.GroupMgr.php Cross Site ScriptingdotProject 2.1.9 SQL InjectionWordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (Unautorized)WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code ExecutionWordPress - ChurcHope Responsive Themes 4.7.x Directory Traversal VulnerabilityWordpress Plugins Simple-e-commerce-shopping-cart DatabaseSQL Backup Disclosure VulnerabilityWordpress Plugins Cart66-Lite DatabaseSQL Backup Disclosure VulnerabilityDigaSell - Digital store PHP Script V1.0.0 XSS VulnerabilityWebLord WL-Nuke Coppermine for PHP-Nuke v1.3.1c SQL InjectionphpMyAdmin 4.8 Cross Site Request ForgeryWordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution (UPLOAD SHELL)MyBB <= 1.8.20: From Stored XSS to RCEPHP Security Advent Calendar 2018New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack SessionsWordPress 5.2.1 Antena_Ri Institute Themes 2.0 Open RedirectionWordPress Satoshi 2.0 Cross Site Request Forgery / File UploadWordPress Plugin Form Maker 1.13.3 SQL InjectionShopware createInstanceFromNamedArguments PHP Object Instantiation Remote Code ExecutionHackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit MalwareWordPress 4.9.10 Xunjin Themes 4.6 Open RedirectionWordPress 4.8.9 Tigin Themes 1.0.5 Open RedirectionWordPress 5.2.1 Divi-Child Themes 1.0 Open RedirectionWordPress 5.1.1 jilijilibegin Themes LTS 4.6 Open RedirectionWordPress 4.9.x Jingke Themes 1.0 Open RedirectionJoomla 3.9.6 Com_Attachments Components 3.x Unauthorized File InsertionWordPress 4.9.10 4DMayi Themes 4.6 Open RedirectionWordPress 5.2.1 DingTalk Themes LTS 4.6 Open RedirectionWordPress 4.9.8 LaneMotorSport Responsive Themes 1.8.4 Open RedirectionWordPress 4.6.14 lqcPlugin-regiePublicites Plugins 1.0 Open RedirectionWordPress 4.6.12 PHPL Plugins 1.0 Open RedirectionWordPress 5.2.1 Dankov Planer Themes 1.1.2 Open RedirectionWordPress 4.9.10 Aliyun Themes 5.2 Open RedirectionWordPress 4.4.18 Ad-Manager Plugins 1.1.2 Open RedirectionShopware createInstanceFromNamedArguments PHP Object InstantiationPHP PHP_INI_SYSTEM Ineffective ControlsphpKF 1.10 XSS / CSRF / SQL InjectionXoops Wordpress Modules WP-Ktai 0.5.0 Japan Open RedirectionHorde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails < = v5.2.22Vuln: Drupal Novalnet Payment Module- Ubercart Module SQL Injection VulnerabilityPHP-Fusion 9.03.00 Remote Code ExecutionXOOPS CMS 2.5.9 SQL InjectionWordPress Form Maker 1.13.3 SQL Injection(Wordpress) Ninja Forms File Uploads Extension < = 3.0.22 – Unauthenticated Arbitrary File UploadWordPress Diarise 1.5.9 Local File DisclosureWordpress - W3 Total Cache - SSRF / RCEWordpress Social Warfare Remote Code ExecutionphpBB 3.2.5 Denial Of ServiceTraveler - Travel Booking WordPress Theme v2.7 Reflected XSS InjectionJoomla! Component JiFile 2.3.1 - Arbitrary File DownloadclientResponse Responsive PHP Client Management Stored XSS InjectionJoomla! Component ARI Quiz 3.7.4 - SQL InjectionJoomla! Component com_cwreserveer - SQL InjectionosTicket 1.11 Cross Site Scripting / Local File InclusionCritical Unpatched Flaw Disclosed in WordPress WooCommerce ExtensionHackers Actively Exploiting Widely-Used Social Share Plugin for WordPressJobCareer | Job Board Responsive WordPress Theme v2.5 Stored XSS InjectionWarkers PHP Search Script WebShell UploadJoomla Core 1.5.0 3.9.4 Directory Traversal / Authenticated Arbitrary File DeletionShadow-Fox PhP Uploader Script Cross Site Scripting VulnerabilityWordPress Download Manager 2.9.93 Cross Site ScriptingDrupal Releases Core CMS Updates to Patch Several VulnerabilitiesTasked PHP Task Management Multiple Stored XSS InjectionOpenDocMan 1.3.4 - Multiple XSS InjectionphpRechnung 1.6.6 - Multiple XSS InjectionBackUpWordPress 3.8 Plugins Backup Path Disclosure VulnerabilityATutor file_manager Remote Code ExecutionWordPress Plugin Contact Form Maker 1.13.1 Cross-Site Request ForgeryHorde Form Shell UploadWordpress Markant theme Arbitrary file DownloadPHP 7.2 imagecolormatch() Out of Band Heap WriteYiiCMS JetBrains PHPStorm 6.0.3 Database DisclosureVuln: WordPress Wordfence Plugin Unspecified Cross Site Scripting VulnerabilityWordPress Limit Login Attempts Reloaded 2.7.4 BypassJoomla omponent iPhone homepage icon 2.0.0 Parameter SQL InjectionWordPress Menu Plugin - Mega Main Menu unauthorized backup
