[webapps] Pyro CMS 3.9 – Server-Side Template Injection (SSTI) (Authenticated)
Pyro CMS 3.9 – Server-Side Template Injection (SSTI) (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
Pyro CMS 3.9 – Server-Side Template Injection (SSTI) (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
Lucee 5.4.2.17 – Authenticated Reflected XSS Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
Adlisting Classified Ads 2.14.0 – WebPage Content Information Disclosure Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
The event analysis component in Zoho ManageEngine ADAudit Plus 7.1.1 allows an attacker to bypass audit detection by creating or renaming user accounts with a…
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…
The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubely_send_form_data AJAX action. Zafiyet ile ilgili Genel…
The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as…
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI…
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which…