Advisories archive Searching 24731 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24731 results found, please narrow your search...Nagios XI 5.6.12 export-rrd.php Remote Code ExecutionOpenEMR 5.0.1 controller Remote Code ExecutionEQDKP Plus CMS 2.3.29 Cross Site ScriptingATutor 2.2.4 Directory Traversal / Remote Code ExecutionTYPO3 CMS SQL Injectione-learning PHP Script 0.1.0 SQL InjectionNexos - Real Estate WordPress Theme v1.7 - Multiple VulnerabilitiesTravel Booking WordPress Theme v2.8.1 - Unauthenticated Reflected XSSTownHub - Directory & Listing WordPress Theme v1.2.9 - Unauthenticated Reflected XSSCityBook - Directory & Listing WordPress Theme v2.4.3 - Unauthenticated Reflected XSSCMS Made Simple 2.2.14 moduleinterface.php Cross Site ScriptingCollege-Management-System-Php 1.0 SQL InjectionPHP-Fusion 9.03.60 PHP Object Injection / SQL InjectionJoomla J2 Store 3.3.11 SQL InjectionPlesk/myLittleAdmin ViewState .NET Deserialization (Metasploit)NeonLMS - Learning Management System PHP Laravel Script - 'Arbitrary' File DownloadosTicket 1.14.1 Saved Search Persistent Cross-Site ScriptingNeonLMS - Learning Management System PHP Laravel Script - 'Messages' Persistent Cross Site ScriptingWordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)OpenEMR Remote Code ExecutionWordpress Plugin Form Maker 5.4.1 s SQL Injection (Authenticated)PHP-Fusion 9.03.50 SQL InjectionWordPress Ajax Load More 5.3.1 SQL InjectionvBulletin 5.6.1 SQL InjectionNetsweeper WebAdmin unixlogin.php Python Code InjectionCuteNews 2.1.2 Authenticated Shell UploadAn Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch NowCuteNews 2.1.2 Arbitrary File DeletionWordPress ChopSlider 3 SQL Injectionjohncaruso PHP Photo Gallery Remote File Inculsion Vulnerability [ RFI ]WordPress Themes begin-its-1 Remote File InclusionJoomla com_content 1.5 - Blind SQL VulnerabilityCritical Bugs Found in 3 Popular e-Learning Plugins for WordPress SitesPHP-Fusion 9.03.50 Arbitrary File UploadphpCollab 2.7.2 - Arbitrary File UploadCritical Security Patches Released for Magento, Adobe Illustrator and BridgephpCollab v2.7.2 - CSRF Arbitrary File Upload RCE PoC ScriptCatch Breadcrumb v1.5.4 WordPress plugin - Unauthenticated Reflected XSSWordPress Weekender Newspaper Themes 9.0 Open RedirectionThinkPHP 5.0.23 Remote Code ExecutionLifeRay CMS (Fckeditor) Arbitrary File Upload VulnerabilityPlaySMS index.php Unauthenticated Template Injection Code ExecutionHorde Groupware Webmail Edition 5.2.22 Remote Code ExecutionWordPress Eatery Restaurant Themes 2.2 Open RedirectionWordPress justnews-child Themes 1.0 Open RedirectionWordPress Nashvilleparent Themes 1.10 Open RedirectionWordPress Attitude Themes 1.1.1 Open RedirectionWordPress Event-Registration Plugins 5.43 Arbitrary File UploadWordPress Randy Peterman Murph StatTraq 1.1 SQL InjectionJoomla GMapFP 3.30 Arbitrary File UploadImpressCMS 1.3.11 - Why you should not trust PHP_SELFWordPress Wmyx2.0 Themes 2.0 Open RedirectionWordPress ProStore Themes 1.1.2 Open RedirectionWordPress Eurielle Themes 0.1.0 Open RedirectionWordPress FxInfinityTheme Themes 2.2.1 Open Redirection Remote File InclusionWordPress Upward Themes 1.5 Open RedirectionJoomla! com_hdwplayer 4.2 search.php SQL InjectionWordPress Grimag Themes 1.2.5 Open RedirectionWordpress Plugin PicUploader 1.0 - Remote File UploadrConfig 3.9.4 search.crud.php Remote Command InjectionWordPress Aviary Image Editor Add-On For Gravity Forms Plugins 3.0 Beta R7 CSRF Shell Upload VulnerabilityWordPress WPTouch Switch Desktop 3.x Open RedirectionWordPress Event Themes 1.4 CSRF Shell Upload VulnerabilityWordPress HillReproGraphics Themes 2.0.1 CSRF Shell Upload VulnerabilityWordPress LM17 LottoMaticaItalia Themes 1.0 CSRF Shell Upload VulnerabilityWordPress DailyDeal Themes 3.0 CSRF Shell Upload VulnerabilityWordPress Custom-BackGround Plugins 3.0 CSRF Shell Upload VulnerabilityPHPKB Multi-Language 9 Authenticated Remote Code ExecutionPHPKB Multi-Language 9 Authenticated Directory TraversalJoomla Component com_newsfeeds SQL injection vulnerabilityPHP Scripts Mall website-seller Script 2.0.5 Reflected XSS.PHPStudy Backdoor Remote Code execution (Metasploit)WordPress Search Meter 2.13.2 CSV InjectionPHPStudy Backdoor Remote Code Execution60CycleCMS news.php SQL InjectionWordpress Plugin Tutor LMS 1.5.3 Cross-Site Request Forgery (Add User)PHP-FPM 7.x Remote Code ExecutionPHP-Fusion CMS 9.03 Cross Site ScriptingMagento WooCommerce CardGate Payment Gateway 2.0.30 Payment Process BypassATutor 2.2.4 SQL Injectionword press plugin wpforms-lite 1.5.8.2 - Cross-Site ScriptingBugtraq: [SECURITY] [DSA 4628-1] php7.0 security updateWordPress WP Sitemap Page 1.6.2 Cross Site ScriptingWordPress Fruitful 3.8 Cross Site ScriptingBugtraq: [SECURITY] [DSA 4626-1] php7.3 security updateCritical Bug in WordPress Theme Plugin Opens 200,000 Sites to HackersphpMyChat Plus 1.98 SQL InjectionPHP 7.0 < 7.4 (Unix) debug_backtrace disable_functions BypassWordPress Ultimate-Member 2.1.3 Local File InclusionSuiteCRM 7.11.11 Phar DeserializationSuiteCRM 7.11.11 Second-Order PHP Object InjectionWordpress Plugin events-manager - Local File DisclosureWordpress Plugin wordfence.7.4.5 - Local File DisclosureWordpress Plugin tutor.1.5.3 - Local File InclusionWordpress Plugin tutor.1.5.3 - Cross-Site ScriptingLearnDash WordPress LMS 3.1.2 Cross Site ScriptingWordPress InfiniteWP Client Authentication BypassWordpress Plugin contact-form-7.5.1.6 - Remote File UploadWordPress Plugin ultimate-member 2.1.3 - Local File InclusionphpList 3.5.0 Authentication Bypass
