Riasztások

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in machouinard Aviation Weather from NOAA allows Path Traversal. This issue affects Aviation...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects...

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows Upload a Web Shell to a Web Server. This issue affects LogisticsHub: from n/a through 1.1.6.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey allows Reflected XSS. This issue affects Homey: from n/a through 2.4.5.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quantumcloud Simple Link Directory allows SQL Injection. This issue affects Simple...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Pressroom - News Magazine WordPress Theme allows Reflected XSS. This...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Rankie allows Reflected XSS. This issue affects Rankie: from n/a through...

Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue affects WP Compress: from n/a through 6.30.30.

Missing Authorization vulnerability in ashanjay EventON allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventON: from n/a through 4.9.9.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File...