Home
Home
Grey Skin Blue Skin Green Skin Red Skin
Last holes
CVE-2022-36750 | Clinics Patient Management System 1.0 /pms/update_user.php id sql injection
2022-08-11
(79hits)
CVE-2022-2751 | SourceCodester Company Website CMS add-portfolio.php ufile unrestricted upload
2022-08-10
(96hits)
CVE-2022-2750 | SourceCodester Company Website CMS Add Service add-service.php unrestricted upload
2022-08-10
(94hits)
CVE-2022-2749 | SourceCodester Gym Management System index.php unrestricted upload
2022-08-10
(94hits)
CVE-2022-2748 | SourceCodester Simple Online Book Store System /admin/edit.php eid cross site scripting
2022-08-10
(99hits)
CVE-2022-2747 | SourceCodester Simple Online Book Store book.php book_isbn sql injection
2022-08-10
(98hits)
CVE-2022-2746 | SourceCodester Simple Online Book Store System Admin_ add.php unrestricted upload
2022-08-10
(40hits)
CVE-2022-2745 | SourceCodester Gym Management System Add New Trainer /admin/add_trainers.php trainer_name sql injection
2022-08-10
(40hits)
CVE-2022-2744 | SourceCodester Gym Management System Background Management /admin/add_exercises.php exer_img unrestricted upload
2022-08-10
(44hits)
CVE-2022-2733 | OpenEMR up to 7.0.0.0 cross site scripting
2022-08-09
(51hits)
CVE-2022-2731 | OpenEMR up to 7.0.0.0 cross site scripting
2022-08-09
(56hits)
CVE-2022-2729 | OpenEMR up to 7.0.0.0 cross site scripting
2022-08-09
(54hits)
CVE-2022-2734 | OpenEMR up to 7.0.0.0 improper restriction of rendered ui layers
2022-08-09
(54hits)
CVE-2022-2732 | OpenEMR up to 7.0.0.0 privileges management
2022-08-09
(25hits)
CVE-2022-2730 | OpenEMR up to 7.0.0.0 authorization
2022-08-09
(28hits)
CVE-2022-2740 | SourceCodester Company Website CMS Add Blog /dashboard/add-blog.php ufile unrestricted upload
2022-08-09
(57hits)
CVE-2022-2736 | SourceCodester Company Website CMS Background Upload Logo Icon updatelogo.php xfile/ufile unrestricted upload
2022-08-09
(17hits)
CVE-2022-2423 | DW Promobar Plugin up to 1.0.4 on WordPress Setting cross site scripting
2022-08-09
(19hits)
CVE-2022-2412 | Better Tag Cloud Plugin up to 0.99.5 on WordPress Setting cross site scripting
2022-08-09
(20hits)
CVE-2022-2411 | Auto More Tag Plugin up to 4.0.0 on WordPress Setting cross site scripting
2022-08-09
(17hits)
CVE-2022-2410 | mTouch Quiz Plugin up to 3.1.3 on WordPress Setting cross site scripting
2022-08-09
(18hits)
CVE-2022-2409 | Rough Chart Plugin up to 1.0.0 on WordPress Data Label cross site scripting
2022-08-09
(18hits)
CVE-2022-2398 | Comments Fields Plugin up to 4.0 on WordPress Field Error Message cross site scripting
2022-08-09
(14hits)
CVE-2022-2728 | SourceCodester Gym Management System /mygym/admin/index.php edit_tran sql injection
2022-08-09
(14hits)
CVE-2022-2727 | SourceCodester Gym Management System /mygym/admin/login.php admin_email/admin_pass sql injection
2022-08-09
(16hits)
CVE-2022-2395 | weForms Plugin up to 1.6.13 on WordPress Setting cross site scripting
2022-08-09
(17hits)
CVE-2022-2386 | Crowdsignal Dashboard Plugin up to 3.0.7 on WordPress cross site scripting
2022-08-09
(17hits)
CVE-2022-2372 | YaySMTP Plugin up to 2.2.1 on WordPress Setting cross site scripting
2022-08-09
(20hits)
CVE-2022-2371 | YaySMTP Plugin up to 2.2.0 on WordPress Setting cross site scripting
2022-08-09
(17hits)
CVE-2022-2355 | Easy Username Updater Plugin up to 1.0.4 on WordPress cross-site request forgery
2022-08-09
(20hits)
CVE-2022-2460 | WPDating Plugin up to 7.1.9 on WordPress sql injection
2022-08-09
(20hits)
CVE-2022-2391 | Inspiro PRO Plugin on WordPress description cross site scripting
2022-08-09
(20hits)
CVE-2022-2367 | WSM Downloader Plugin up to 1.4.0 on WordPress Parameter Validation link authorization
2022-08-09
(252hits)
CVE-2022-2356 | Frontend File Manager & Sharing Plugin up to 1.1.2 on WordPress File Extension unrestricted upload
2022-08-09
(247hits)
CVE-2022-2269 | Website File Changes Monitor Plugin up to 1.8.2 on WordPress sql injection
2022-08-09
(57hits)
CVE-2022-2046 | Directorist Plugin up to 7.2.2 on WordPress ZIP File unrestricted upload (ID 2752034)
2022-08-09
(261hits)
CVE-2022-2424 | Google Maps Anywhere Plugin up to 1.2.6.3 on WordPress cross site scripting
2022-08-09
(271hits)
CVE-2022-1323 | Discy Theme up to 4.x on WordPress POST Request discy_update_options access control
2022-08-09
(296hits)
CVE-2022-2357 | WSM Downloader Plugin up to 1.4.0 on WordPress wp-config.php file access
2022-08-09
(61hits)
CVE-2022-2726 | SEMCMS Ant_Check.php DID sql injection
2022-08-09
(65hits)
CVE-2022-2725 | SourceCodester Company Website CMS add-blog.php cross site scripting
2022-08-09
(52hits)
CVE-2022-2724 | SourceCodester Employee Management System /process/aprocess.php mailuid sql injection
2022-08-09
(51hits)
CVE-2022-2723 | SourceCodester Employee Management System /process/eprocess.php mailuid/pwd sql injection
2022-08-09
(53hits)
CVE-2022-2722 | SourceCodester Simple Student Information System manage_course.php id sql injection
2022-08-09
(55hits)
The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST
2022-08-08
(44hits)
CuteEditor For PHP 6.6 Directory Traversal
2022-08-08
(43hits)
CVE-2022-2715 | SourceCodester Employee Management System eloginwel.php id sql injection
2022-08-08
(65hits)
CVE-2022-2708 | SourceCodester Gym Management System login.php user_login sql injection
2022-08-08
(131hits)
CVE-2022-2707 | SourceCodester Online Class and Exam Scheduling System 1.0 /pages/faculty_sched.php faculty sql injection
2022-08-07
(124hits)
CVE-2022-2706 | SourceCodester Online Class and Exam Scheduling System 1.0 /pages/class_sched.php class sql injection
2022-08-07
(126hits)
CVE-2022-2705 | SourceCodester Simple Student Information System manage_department.php id sql injection
2022-08-07
(128hits)
CVE-2022-2704 | SourceCodester Simple E-Learning System downloadFiles.php download information disclosure
2022-08-07
(128hits)
CVE-2022-2702 | SourceCodester Company Website CMS Cookie site-settings.php access control
2022-08-07
(38hits)
CVE-2022-2698 | SourceCodester Simple E-Learning System search.php searchPost sql injection
2022-08-07
(39hits)
CVE-2022-2697 | SourceCodester Simple E-Learning System comment_frame.php post_id sql injection
2022-08-07
(39hits)
WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery
2022-08-06
(64hits)
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting
2022-08-06
(62hits)
Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
2022-08-06
(68hits)
CVE-2021-36861 | Starfish Rich Reviews Plugin up to 1.9.14 on WordPress cross-site request forgery
2022-08-05
(75hits)
CVE-2022-36296 | JumpDEMAND ActiveDEMAND Plugin up to 0.2.27 on WordPress improper authentication
2022-08-05
(73hits)
CVE-2022-33201 | MailerLite Signup Forms Plugin up to 1.5.7 on WordPress API Key cross-site request forgery
2022-08-05
(80hits)
CVE-2022-2685 | SourceCodester Interview Management System 1.0 /addQuestion.php question cross site scripting
2022-08-05
(67hits)
CVE-2022-2684 | SourceCodester Apartment Visitor Management System 1.0 /manage-apartment.php Apartment Number cross site scripting
2022-08-05
(86hits)
Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews.
2022-08-05
(71hits)
CVE-2022-2674 | SourceCodester Best Fee Management System admin_class.php login username sql injection
2022-08-05
(288hits)
CVE-2022-2673 | Rigatur Online Booking and Hotel Management System aff6409 POST Request login.php email/pass sql injection
2022-08-05
(286hits)
CVE-2022-2672 | SourceCodester Garage Management System createUser.php userName/uemail sql injection
2022-08-05
(287hits)
CVE-2022-2671 | SourceCodester Garage Management System removeUser.php id sql injection
2022-08-05
(291hits)
CVE-2022-31132 | Nextcloud Mail up to 1.12.6/1.13.5 CSS Minifier css_optimiser.php server-side request forgery (GHSA-24pm-rjfv-23mh)
2022-08-05
(82hits)
CVE-2022-2645 | SourceCodester Garage Management System edituser.php id cross site scripting
2022-08-04
(253hits)
CVE-2022-2646 | SourceCodester Online Admission System index.php eid cross site scripting
2022-08-04
(271hits)
The Copyright Proof WordPress plugin through 4.16 does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific
2022-08-04
(70hits)
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection
2022-08-04
(71hits)
WordPress WP-UserOnline 2.87.6 Cross Site Scripting
2022-08-03
(78hits)
CVE-2022-34943 | Laravel 5.1 ChanceGenerator __call Privilege Escalation
2022-08-03
(310hits)
CVE-2022-34937 | Yuba U5cms 8.3.5 savepage.php cross-site request forgery (ID 51)
2022-08-03
(306hits)
CVE-2022-29807 | Quest KACE Systems Management Appliance up to 12.0 download_agent_installer.php sql injection
2022-08-03
(289hits)
The Login with phone number WordPress plugin through 1.3.7 do not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
2022-08-03
(87hits)
The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
2022-08-03
(80hits)
The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php.
2022-08-03
(56hits)
The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
2022-08-03
(58hits)
WordPress Duplicator 1.4.7 Information Disclosure
2022-08-02
(45hits)
Easy Chat Server 3.1 Buffer Overflow
2022-08-02
(48hits)
WordPress SeatReg 1.23.0 Open Redirect
2022-08-02
(51hits)
CVE-2022-34956 | Pligg CMS 2.0.2 load_data_for_groups.php page_size sql injection (ID 261)
2022-08-02
(115hits)
CVE-2022-34955 | Pligg CMS 2.0.2 load_data_for_topusers.php page_size sql injection (ID 261)
2022-08-02
(115hits)
CVE-2022-35422 | Web Based Quiz System 1.0 update.php qid sql injection
2022-08-02
(124hits)
CVE-2022-34954 | Pharmacy Management System 1.0 invoiceprint.php id sql injection
2022-08-02
(126hits)
CVE-2022-34953 | Pharmacy Management System 1.0 getOrderReport.php startDate sql injection
2022-08-02
(127hits)
CVE-2022-34952 | Pharmacy Management System 1.0 edituser.php id sql injection
2022-08-02
(55hits)
CVE-2022-34951 | Pharmacy Management System 1.0 getsalereport.php startDate sql injection
2022-08-02
(54hits)
CVE-2022-34950 | Pharmacy Management System 1.0 editproduct.php id sql injection
2022-08-02
(61hits)
CVE-2022-34949 | Pharmacy Management System 1.0 login.php email/password sql injection
2022-08-02
(57hits)
CVE-2022-34948 | Pharmacy Management System 1.0 editbrand.php id sql injection
2022-08-02
(58hits)
CVE-2022-2215 | GiveWP Plugin up to 2.21.2 on WordPress Currency Setting cross site scripting
2022-08-01
(235hits)
CVE-2022-2184 | CAPTCHA 4WP Plugin up to 7.0.x on WordPress Admin Template require_once cross-site request forgery
2022-08-01
(233hits)
CVE-2022-2181 | Advanced Reset Plugin up to 1.5 on WordPress Admin Dashboard href cross site scripting
2022-08-01
(227hits)
CVE-2022-1906 | Copyright Proof Plugin up to 4.16 on WordPress AJAX Action cross site scripting
2022-08-01
(237hits)
CVE-2022-1324 | Event Timeline Plugin up to 1.1.5 on WordPress Timeline Text cross site scripting
2022-08-01
(227hits)
CVE-2022-0598 | Login with Phone Number Plugin up to 1.3.7 on WordPress Setting cross site scripting
2022-08-01
(68hits)
CVE-2022-2370 | YaySMTP Plugin up to 2.2.0 on WordPress Mailer Credential authorization
2022-08-01
(59hits)
CVE-2022-2369 | YaySMTP Plugin up to 2.2.0 on WordPress Log authorization
2022-08-01
(59hits)
CVE-2022-2317 | Simple Membership Plugin up to 4.1.2 on WordPress Registration privileges management
2022-08-01
(60hits)
CVE-2022-2273 | Simple Membership Plugin up to 4.1.2 on WordPress POST membership_level privileges management
2022-08-01
(66hits)
CVE-2022-1950 | Youzify Plugin up to 1.1.x on WordPress sql injection
2022-08-01
(69hits)
CVE-2022-1585 | Project Source Code Download Plugin up to 1.0.0 on WordPress Backup wp-config.php file access
2022-08-01
(68hits)
CVE-2022-1600 | YOP Poll Plugin up to 6.4.2 on WordPress HTTP Header REMOTE_ADDR authorization
2022-08-01
(63hits)
Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery
2022-08-01
(95hits)
Transposh WordPress Translation 1.0.7 Incorrect Authorization
2022-08-01
(94hits)
Transposh WordPress Translation 1.0.7 Cross Site Scripting
2022-08-01
(100hits)
WordPress Plugin WP-UserOnline 2.87.6 Stored Cross-Site Scripting (XSS)
2022-08-01
(100hits)
CVE-2022-33994 | Gutenberg Plugin up to 13.7.3 on WordPress SVG Document cross site scripting
2022-07-31
(413hits)
CVE-2022-2579 | SourceCodester Garage Management System 1.0 createUser.php userName cross site scripting
2022-07-29
(216hits)
CVE-2022-2578 | SourceCodester Garage Management System 1.0 createUser.php access control
2022-07-29
(219hits)
CVE-2022-2577 | SourceCodester Garage Management System 1.0 /edituser.php id sql injection
2022-07-29
(220hits)
WordPress Plugin Visual Slide Box Builder 3.2.9 SQLi
2022-07-29
(105hits)
CVE-2022-35882 | GS Plugins GS Testimonial Slider Plugin up to 1.9.1 on WordPress cross site scripting
2022-07-28
(367hits)
CVE-2016-0796 | mb.miniAudioPlayer-an HTML5 Audio Player up to 1.7.5 on WordPress improper authentication
2022-07-28
(349hits)
CVE-2016-2138 | kippo-graph up to 1.5.0 KippoInput.class.php xss_clean cross site scripting (ID 35)
2022-07-28
(355hits)
CVE-2016-2139 | kippo-graph up to 1.5.0 KippoInput.class.php file_link cross site scripting (ID 35)
2022-07-28
(371hits)
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. An attacker may leverage
2022-07-28
(93hits)
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.
2022-07-28
(63hits)
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.
2022-07-28
(65hits)
CVE-2022-31627 | PHP up to 8.1.7 libmagic finfo_buffer free of memory not on the heap (ID 81723)
2022-07-28
(69hits)
CVE-2021-33371 | Student Management System 1.0 Chat Box /nav_bar_action.php cross site scripting (ID 49865 / EDB-49865)
2022-07-28
(66hits)
CVE-2022-34121 | Cuppa CMS 1.0 right.php file inclusion (ID 18)
2022-07-28
(69hits)
CVE-2022-34120 | Barangay Management System 1.0 activity.php Privilege Escalation
2022-07-28
(65hits)
CVE-2022-34140 | Feehi CMS 2.1.1 index.php username cross site scripting (ID 61)
2022-07-28
(72hits)
CVE-2022-33970 | biplob018 Shortcode Addons Plugin up to 3.1.2 on WordPress Options Change access control
2022-07-27
(63hits)
CVE-2022-34611 | Online Fire Reporting System 1.0 /index.php/ Contac # cross site scripting
2022-07-27
(119hits)
CVE-2022-34594 | Advanced School Management System 1.0 update_subject.php Edit Subject cross site scripting
2022-07-27
(110hits)
CVE-2022-2299 | Allow SVG Files Plugin up to 1.1 on WordPress cross site scripting
2022-07-26
(112hits)
CVE-2022-34989 | Fruits Bazar 1.0 user_password_recover.php recover_email sql injection
2022-07-26
(123hits)
CVE-2022-24992 | QRcdr 5.2.7 process.php pathname traversal
2022-07-26
(109hits)
CVE-2022-2239 | Request a Quote Plugin up to 2.3.7 on WordPress Setting cross site scripting
2022-07-25
(103hits)
CVE-2022-2219 | Unyson Plugin up to 2.7.26 on WordPress cross site scripting
2022-07-25
(101hits)
CVE-2022-2189 | WP Video Lightbox Plugin up to 1.9.4 on WordPress REQUEST_URI cross site scripting
2022-07-25
(105hits)
CVE-2022-2115 | Popup Anything Plugin up to 2.1.6 on WordPress Frontend Page cross site scripting
2022-07-25
(77hits)
CVE-2022-0899 | Header Footer Code Manager Plugin up to 1.1.23 on WordPress Admin Page cross site scripting
2022-07-25
(75hits)
CVE-2022-33965 | Osamaesh WP Visitor Statistics Plugin up to 5.7 on WordPress sql injection
2022-07-25
(87hits)
CVE-2022-2240 | Request a Quote Plugin up to 2.3.7 on WordPress csv injection
2022-07-25
(84hits)
CVE-2022-1551 | SP Project & Document Manager Plugin up to 4.57 on WordPress information disclosure
2022-07-25
(77hits)
CVE-2022-1539 | Exports and Reports Plugin up to 0.9.1 on WordPress CSV Export csv injection
2022-07-25
(75hits)
A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to
2022-07-23
(131hits)
CVE-2022-34853 | wpWax Team Plugin up to 1.2.6 on WordPress cross site scripting
2022-07-23
(130hits)
CVE-2022-34650 | wpWax Team Plugin up to 1.2.6 on WordPress cross site scripting
2022-07-23
(131hits)
CVE-2022-33191 | Chinmoy Paul Testimonials Plugin up to 3.0.1 on WordPress cross site scripting
2022-07-23
(141hits)
CVE-2022-29495 | Sygnoos Popup Builder Plugin up to 4.1.11 on WordPress Plugin Setting cross-site request forgery
2022-07-23
(131hits)
CVE-2022-34839 | CodexShaper WP OAuth2 Server Plugin up to 1.0.1 on WordPress improper authentication
2022-07-23
(134hits)
CVE-2022-33960 | Supsystic Social Share Buttons Plugin up to 2.2.3 on WordPress sql injection
2022-07-23
(115hits)
CVE-2022-27235 | Supsystic Social Share Buttons Plugin up to 2.2.3 on WordPress access control
2022-07-23
(101hits)
CVE-2022-33901 | MultiSafepay for WooCommerce Plugin up to 4.13.1 on WordPress path traversal
2022-07-23
(114hits)
CVE-2022-30998 | WooPlugins.co Homepage Product Organizer for WooCommerce Plugin up to 1.1 on WordPress sql injection
2022-07-23
(105hits)
CVE-2022-28666 | YIKES Custom Product Tabs for WooCommerce Plugin bis 1.7.7 auf WordPress erweiterte Rechte
2022-07-22
(131hits)
CVE-2022-2494 | OpenEMR bis 6.x Cross Site Scripting
2022-07-22
(128hits)
The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password (to an arbitrary value) of any user knowing only
2022-07-22
(115hits)
CVE-2022-34042 | Barangay Management System 1.0 household.php hidden_id SQL Injection
2022-07-21
(120hits)
CVE-2022-29454 | Better Messages Plugin bis 1.9.9.148 auf WordPress File Attachment Cross Site Request Forgery
2022-07-21
(114hits)
CVE-2021-36849 | René Hermenau Social Media Share Buttons Plugin bis 3.8.1 auf WordPress Cross Site Scripting
2022-07-21
(116hits)
CVE-2022-34590 | itsourcecode Hospital Management System 1.0 /HMS/admin.php editid SQL Injection
2022-07-21
(121hits)
Active eCommerce Laravel CMS 5.x to 6.1.2 - Cross Site request forgery (CSRF) to Cross-site Scripting (XSS) (Authenticated)
2022-07-20
(123hits)
CVE-2022-2492 | SourceCodester Library Management System 1.0 /index.php RollNo SQL Injection
2022-07-20
(137hits)
CVE-2022-2491 | SourceCodester Library Management System 1.0 lab.php Section SQL Injection
2022-07-20
(129hits)
CVE-2022-36304 | Vesta 1.0.0-5 UploadHandler.php generate_response Cross Site Scripting (ID 2252)
2022-07-20
(133hits)
CVE-2022-36303 | Vesta 1.0.0-5 UploadHandler.php handle_file_upload Cross Site Scripting (ID 2252)
2022-07-20
(140hits)
CVE-2022-34025 | Vesta 1.0.0-5 UploadHandler.php Cross Site Scripting (ID 2252)
2022-07-20
(139hits)
CVE-2022-34024 | Barangay Management System 1.0 Resident Module resident.php erweiterte Rechte
2022-07-20
(140hits)
CVE-2022-34023 | Barangay Management System 1.0 /officials/officials.php hidden_id SQL Injection
2022-07-20
(142hits)
Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php.
2022-07-20
(115hits)
Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php.
2022-07-20
(116hits)
CVE-2022-2437 | Feed Them Social Plugin bis 2.9.8.5 auf WordPress fts_url erweiterte Rechte
2022-07-19
(137hits)
CVE-2022-2108 | Wbcom Designs BuddyPress Group Reviews Plugin bis 2.8.3 auf WordPress erweiterte Rechte
2022-07-19
(125hits)
CVE-2022-2117 | GiveWP Plugin bis 2.20.2 auf WordPress REST API Endpoint /donor-wall Information Disclosure
2022-07-19
(130hits)
CVE-2022-24690 | DSK DSKNet 2.16.136.0/2.17.136.5 HTTP Request PresAbs.php SQL Injection
2022-07-19
(136hits)
CVE-2022-2444 | Visualizer Tables and Charts Manager Plugin bis 3.7.9 auf WordPress remote_data erweiterte Rechte
2022-07-18
(105hits)
Experts Notice Sudden Surge in Exploitation of WordPress Page Builder Plugin Vulnerability
2022-07-18
(114hits)
CVE-2022-31260 | Montala ResourceSpace bis 9.8 csv_export_results_metadata.php k Information Disclosure
2022-07-18
(123hits)
CVE-2022-2146 | Import CSV Files Plugin bis 1.0 auf WordPress Cross Site Scripting
2022-07-17
(141hits)
CVE-2022-2194 | Accept Stripe Payments Plugin bis 2.0.63 auf WordPress Setting Cross Site Scripting
2022-07-17
(148hits)
CVE-2022-2187 | Contact Form 7 Captcha Plugin bis 0.1.1 auf WordPress Web Browser REQUEST_URI Cross Site Scripting
2022-07-17
(148hits)
CVE-2022-2186 | Simple Post Notes Plugin bis 1.7.5 auf WordPress Cross Site Scripting
2022-07-17
(140hits)
CVE-2022-2173 | Advanced Database Cleaner Plugin bis 3.1.0 auf WordPress Admin Dashboard Cross Site Scripting
2022-07-17
(149hits)
CVE-2022-2169 | Loading Page with Loading Screen Plugin bis 1.0.82 auf WordPress Cross Site Scripting
2022-07-17
(117hits)
CVE-2022-2168 | Download Manager Plugin bis 3.2.43 auf WordPress History Dashboard Cross Site Scripting
2022-07-17
(109hits)
CVE-2022-2151 | Best Contact Management Software Plugin bis 3.7.3 auf WordPress Cross Site Scripting
2022-07-17
(125hits)
CVE-2022-2149 | Very Simple Breadcrumb Plugin bis 1.0 auf WordPress Cross Site Scripting
2022-07-17
(128hits)
CVE-2020-35261 | SourceCodester Multi Restaurant Table Reservation System 1.0 /dashboard/profile.php Restaurant Name Cross Site Scripting (EDB-49135)
2022-07-16
(133hits)
CVE-2022-32119 | Arox School ERP Pro 1.0 Add Photo photogalleries.inc.php erweiterte Rechte
2022-07-16
(141hits)
WordPress Kaswara Modern WPBakery Page Builder 3.0.1 File Upload
2022-07-15
(117hits)
CVE-2022-32417 | PbootCMS 3.1.2 function.php parserIfLabel Privilege Escalation
2022-07-15
(150hits)
CVE-2022-2420 | URVE Web Manager _internal/uploader.php erweiterte Rechte
2022-07-15
(128hits)
CVE-2022-2419 | URVE Web Manager upload.php erweiterte Rechte
2022-07-15
(128hits)
CVE-2022-2418 | URVE Web Manager img_upload.php erweiterte Rechte
2022-07-15
(133hits)
Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers
2022-07-15
(163hits)
A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The
2022-07-14
(129hits)
CVE-2022-32074 | osTicket Plugins SVG audit/class.audit.php Cross Site Scripting
2022-07-13
(132hits)
phpAnalyzer v2.0.4 Backdoor Account Vulnerability
2022-07-13
(140hits)
CVE-2022-31904 | EGT-Kommunikationstechnik UG Mediacenter bis 1.x Online_Update.php Cross Site Scripting
2022-07-12
(143hits)
CVE-2022-1757 | Pagebar Plugin bis 2.65 auf WordPress Setting Cross Site Request Forgery
2022-07-12
(143hits)
CVE-2022-1626 | Sharebar Plugin bis 1.4.1 auf WordPress Setting Cross Site Request Forgery
2022-07-12
(137hits)
CVE-2022-2123 | WP Opt-in Plugin bis 1.4.1 auf WordPress Mail Cross Site Request Forgery
2022-07-12
(145hits)
CVE-2022-2093 | WP Duplicate Page Plugin bis 1.2 auf WordPress Setting Cross Site Scripting
2022-07-12
(149hits)
CVE-2022-2091 | Cache Images Plugin bis 3.2.0 auf WordPress Cross Site Request Forgery
2022-07-12
(121hits)
CVE-2022-2089 | Bold Page Builder Plugin bis 4.3.2 auf WordPress Setting Cross Site Scripting
2022-07-12
(112hits)
CVE-2022-2050 | WP-Paginate Plugin bis 2.1.8 auf WordPress Setting Cross Site Scripting
2022-07-12
(118hits)
CVE-2022-1957 | Comment License Plugin bis 1.3.x auf WordPress Setting Cross Site Request Forgery
2022-07-12
(117hits)
CVE-2022-1956 | Shortcut Macros Plugin bis 1.3 auf WordPress Cross Site Request Forgery
2022-07-12
(114hits)
CVE-2022-1951 | Core plugin for Kitestudio Plugin bis 2.3.0 auf WordPress AJAX Action Cross Site Scripting
2022-07-12
(113hits)
CVE-2022-1938 | Awin Data Feed Plugin bis 1.6 auf WordPress Analytics Data Cross Site Scripting
2022-07-12
(114hits)
CVE-2022-1937 | Awin Data Feed Plugin bis 1.6 auf WordPress AJAX Action Cross Site Scripting
2022-07-12
(111hits)
CVE-2022-1910 | Shortcodes and Extra Features for Phlox Plugin bis 2.9.7 auf WordPress Cross Site Scripting
2022-07-12
(108hits)
CVE-2022-1894 | Popup Builder Plugin bis 4.1.10 auf WordPress Setting Cross Site Scripting
2022-07-12
(115hits)
CVE-2022-1599 | Admin Management Xtended Plugin bis 2.4.4 auf WordPress Cross Site Request Forgery
2022-07-12
(110hits)
WordPress Visual Slide Box Builder 3.2.9 SQL Injection
2022-07-12
(105hits)
PHP Advisories/Bugs/Vulns frequency for this month
1713841137435810 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

CVE-2022-36750 | Clinics Patient Management System 1.0 /pms/update_user.php id sql injection
2022-08-11
ljusnarsberg.se
2022-08-10
tudorwatch.com
2022-08-10
laravel-markdown-blog
2022-08-10
CVE-2022-2747 | SourceCodester Simple Online Book Store book.php book_isbn sql injection
2022-08-10
CVE-2022-2748 | SourceCodester Simple Online Book Store System /admin/edit.php eid cross site scripting
2022-08-10
CVE-2022-2749 | SourceCodester Gym Management System index.php unrestricted upload
2022-08-10
CVE-2022-2750 | SourceCodester Company Website CMS Add Service add-service.php unrestricted upload
2022-08-10
CVE-2022-2751 | SourceCodester Company Website CMS add-portfolio.php ufile unrestricted upload
2022-08-10
CVE-2022-2744 | SourceCodester Gym Management System Background Management /admin/add_exercises.php exer_img unrestricted upload
2022-08-10
CVE-2022-2745 | SourceCodester Gym Management System Add New Trainer /admin/add_trainers.php trainer_name sql injection
2022-08-10
CVE-2022-2746 | SourceCodester Simple Online Book Store System Admin_ add.php unrestricted upload
2022-08-10
onfido : VDP
2022-08-10
doctolib.de
2022-08-09
CVE-2022-2740 | SourceCodester Company Website CMS Add Blog /dashboard/add-blog.php ufile unrestricted upload
2022-08-09
  News browser

PHP Tutorial PHPBasics Installation Guide, Data Types, Variables, and Operators, Control structures, Functions, Strings, Regular expression, Error Handling, Cookies+Sessions, and many more..

SQLi The SQL Injection Knowledge Base is the ultimate resource regarding SQL Injections. Here you will find everything there is to know about SQL Injections.

phpseclib phpSec is a open-source, PSR-0 compatible, PHP security library that takes care of the common security tasks a web developer faces.

Class:sql_inject - This class is meant to search in your SQL data values for special characters that may change the meaning of your SQL data and execute actions that may compromise the security of servers.

Top 10 Links
÷ phpforge
÷ KillerProtection
÷ PY-Membres
÷ PhenHP Album
÷ ALP - Banner Ad
÷ CuteNews
÷ phpMyNewsletter
÷ LokwaBB
÷ Avotravis
÷ Kietu










French English