Advisories archive Searching 24463 links categorized as php vuln/adviso since 2003-04-07 Search : Search in all sources Disable validation filter
24463 results found, please narrow your search...Shopware createInstanceFromNamedArguments PHP Object InstantiationPHP PHP_INI_SYSTEM Ineffective ControlsphpKF 1.10 XSS / CSRF / SQL InjectionXoops Wordpress Modules WP-Ktai 0.5.0 Japan Open RedirectionHorde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails < = v5.2.22Vuln: Drupal Novalnet Payment Module- Ubercart Module SQL Injection VulnerabilityPHP-Fusion 9.03.00 Remote Code ExecutionXOOPS CMS 2.5.9 SQL InjectionWordPress Form Maker 1.13.3 SQL Injection(Wordpress) Ninja Forms File Uploads Extension < = 3.0.22 – Unauthenticated Arbitrary File UploadWordPress Diarise 1.5.9 Local File DisclosureWordpress - W3 Total Cache - SSRF / RCEWordpress Social Warfare Remote Code ExecutionphpBB 3.2.5 Denial Of ServiceTraveler - Travel Booking WordPress Theme v2.7 Reflected XSS InjectionJoomla! Component JiFile 2.3.1 - Arbitrary File DownloadclientResponse Responsive PHP Client Management Stored XSS InjectionJoomla! Component ARI Quiz 3.7.4 - SQL InjectionJoomla! Component com_cwreserveer - SQL InjectionosTicket 1.11 Cross Site Scripting / Local File InclusionCritical Unpatched Flaw Disclosed in WordPress WooCommerce ExtensionHackers Actively Exploiting Widely-Used Social Share Plugin for WordPressJobCareer | Job Board Responsive WordPress Theme v2.5 Stored XSS InjectionWarkers PHP Search Script WebShell UploadJoomla Core 1.5.0 3.9.4 Directory Traversal / Authenticated Arbitrary File DeletionShadow-Fox PhP Uploader Script Cross Site Scripting VulnerabilityWordPress Download Manager 2.9.93 Cross Site ScriptingDrupal Releases Core CMS Updates to Patch Several VulnerabilitiesTasked PHP Task Management Multiple Stored XSS InjectionOpenDocMan 1.3.4 - Multiple XSS InjectionphpRechnung 1.6.6 - Multiple XSS InjectionBackUpWordPress 3.8 Plugins Backup Path Disclosure VulnerabilityATutor file_manager Remote Code ExecutionWordPress Plugin Contact Form Maker 1.13.1 Cross-Site Request ForgeryHorde Form Shell UploadWordpress Markant theme Arbitrary file DownloadPHP 7.2 imagecolormatch() Out of Band Heap WriteYiiCMS JetBrains PHPStorm 6.0.3 Database DisclosureVuln: WordPress Wordfence Plugin Unspecified Cross Site Scripting VulnerabilityWordPress Limit Login Attempts Reloaded 2.7.4 BypassJoomla omponent iPhone homepage icon 2.0.0 Parameter SQL InjectionWordPress Menu Plugin - Mega Main Menu unauthorized backupWordPress 5.0.0 Crop-image Shell Upload (Metasploit)WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 Parameter TamperingWordPress 5.0.0 crop-image Shell UploadVuln: Drupal Core SA-CORE-2019-004 Cross Site Scripting VulnerabilityWordPress iOS App Bug Leaked Secret Access Tokens to Third-Party SitesphpFileManager 1.7.8 Local File InclusionCMS Made Simple SQL InjectionWordPress - Nishizawa_Tmp Themes Directory Traversal VulnerabilityWordPress 4.9.x U_Parts Themes Directory Traversal VulnerabilityWordPress Oxygen-Theme Directory Traversal VulnerabilityCritical Magento SQL Injection Vulnerability Discovered – Patch Your SitesMagento 2.3.0 SQL InjectionWordPress 4.9.10 ButterKekse Plugins Open RedirectionMagento 2.2.0 <= 2.3.0 Unauthenticated SQLiWordPress 4.9.2 WordPress-Feed-Statistics Plugins 4.1 Open RedirectionMyBB Upcoming Events Plugin 1.32 - Cross-Site ScriptingWordPress 4.6.1 WireFunnel Plugins Open RedirectionWordPress 4.8 Ait-ThemesClub TemplatePreview 1.8.1 RFI Open RedirectionWordPress Ultimate Form Builder Plugins 1.0 Database DisclosureWordPress 5.1.1 WPBounce AND-AntiBounce Plugins 1.0.3 Open RedirectionWordPress 2.0.2 WP-Forum Plugins 1.7.8 Database DisclosureWordpress 5.0.4 begin Themes Open RedirectionSpip CMS 2.x/3.x Add Administrator Account & Insert File VulnerabilityWordPress 3.4.2 The-CL-Amazon-Thingy Plugins 1.0 Open RedirectionWordPress Easy WP SMTP plugin 0-dayWordPress 5.0.4 Age-Verification Plugins 0.5 Open RedirectionWordPress 4.9.8 KingAbdullahPort KAP Themes Database Configuration File DownloadWordPress 4.9.x U_Parts Themes Database Configuration File DownloadWordPress 4.7.13 ChurcHope Responsive Themes 4.7.x Database Configuration File DownloadWordPress 4.2.2 Oxygen-Theme Themes Database Configuration File DownloadWordPress 4.x CafeSalivation Themes Database Configuration File DownloadWordPress 5.1.1 Slider Revolution 4.6.5 UpdateCaptionsCSS Remote Content InjectionWordPress 4.x Nishizawa_Tmp Themes Database Configuration File DownloadMyBB Upcoming Events 1.32 Cross Site ScriptingeNdonesia Portal 8.7 Iframe Injection / SQL InjectionNetartmedia PHP Mall 4.1 SQL InjectionPHP MySQLi Database Class 2.9.2 SQL InjectionWordPress Menu Plugin - Mega Main Menu v2.1.2 unauthorized backup download VulnerabilityVuln: PHP Information Disclosure and Heap Buffer Overflow VulnerabilitiesWordPress GraceMedia Media Player 1.0 Local File InclusionNew WordPress Flaw Lets Unauthenticated Remote Attackers Hack SitesWordPress WP Fastest Cache 0.8.9.0 Arbitrary File DeletionWordPress 5.1 CSRF to Remote Code ExecutionWordPress Aibbt Themes Open RedirectionWordPress Deep Themes Open RedirectionWordPress 2kqq Themes Open RedirectionWordPress Azzxx Themes Open RedirectionphpBB 3.2.3 Remote Code ExecutionDrupal RESTful Web Services unserialize() Remote Code ExecutionWordPress ii-commerce Themes Unauthorized File InsertationWordPress nlh_omp-v1 Themes 1.0 Unauthorized File InsertationWordPress OneSocial-Child Themes Unauthorized File InsertationWordPress fuecaHome Plugins Unauthorized File InsertationWordPress WebFatorial-FoodNetwork Themes Unauthorized File InsertationWordPress wp-bs3-rad Themes Unauthorized File InsertationWordPress wp-bs3-rad Themes Unauthorized Insert File VulnerabilityWordPress HT-Poi Plugins 2.9 Unauthorized File InsertationWordPress WP-DreamworkGallery Plugins 2.3 CSRF Backdoor Access Vulnerability
