CVE-2021-25082
The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a…
Devamını oku
Kategori: Təhlükəsizlik Zəiflikləri
CVE-2021-25099
The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request…
CVE-2021-25100
The GiveWP WordPress plugin before 2.17.3 does not escape the s parameter before outputting it back in an attribute in the Donation Forms dashboard, leading…
CVE-2021-25101
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of…
[webapps] Cab Management System 1.0 – Remote Code Execution (RCE) (Authenticated)
Cab Management System 1.0 – Remote Code Execution (RCE) (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
[webapps] Microweber 1.2.11 – Remote Code Execution (RCE) (Authenticated)
Microweber 1.2.11 – Remote Code Execution (RCE) (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
[webapps] Cab Management System 1.0 – ‘id’ SQLi (Authenticated)
Cab Management System 1.0 – ‘id’ SQLi (Authenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
[webapps] WordPress Plugin Perfect Survey – 1.5.1 – SQLi (Unauthenticated)
WordPress Plugin Perfect Survey – 1.5.1 – SQLi (Unauthenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
[local] HMA VPN 5.3 – Unquoted Service Path
HMA VPN 5.3 – Unquoted Service Path Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
[webapps] Thinfinity VirtualUI 2.5.26.2 – Information Disclosure
Thinfinity VirtualUI 2.5.26.2 – Information Disclosure Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed