In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. Zafiyet ile ilgili…

In Moodle, the file repository’s URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. Zafiyet ile ilgili Genel Bilgi,…

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

In Moodle, an SQL injection risk was identified in the library fetching a user’s recent courses. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

In Moodle, an SQL injection risk was identified in the library fetching a user’s enrolled courses. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

A vulnerability classified as problematic has been found in woo-popup Plugin up to 1.2.2. This affects an unknown part of the file admin/class-woo-popup-admin.php. The manipulation…

Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMP_admin.php parameters. Zafiyet ile ilgili…

A vulnerability was found in Fastly Plugin up to 0.97. It has been rated as problematic. Affected by this issue is the function post of…

The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files…

The Replyable WordPress plugin before 2.2.10 does not validate the class name submitted by the request when instantiating an object in the prompt_dismiss_notice action and…