Mangallam SQL Injection
Sites powered by Mangallam suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
View ArticleWordPress Aspose Cloud eBook Generator File Download
WordPress Aspose Cloud eBook Generator plugin suffers from an arbitrary file download vulnerability.
View ArticleWordPress Aspose Doc Exporter File Download
WordPress Aspose Doc Exporter plugin suffers from an arbitrary file download vulnerability.
View ArticleWordPress Aspose PDF Exporter File Download
WordPress Aspose PDF Exporter plugin suffers from an arbitrary file download vulnerability.
View ArticleWordPress Aspose Importer / Exporter 1.0 File Download
WordPress Aspose Importer and Exporter plugin version 1.0 suffers from an arbitrary file download vulnerability.
View ArticleWordPress WP-Mon Arbitrary File Download
WordPress WP-Mon plugin suffers from an arbitrary file disclosure vulnerability.
View ArticleWebfactory N&P CMS Arbitrary File Upload
Webfactory N&P CMS suffers from an arbitrary file upload vulnerability. Note that this advisory has site-specific information.
View ArticleWordPress Contact Form To Email Plugin CSRF / XSS
WordPress Contact Form To Email Plugin suffers from cross site request forgery and cross site scripting vulnerabilities.
View ArticleSeditio CMS SQL Injection
Seditio CMS suffers from a remote SQL injection vulnerability.
View ArticleWordPress Simple Backup Arbitrary Download
The WordPress Simple Backup plugin suffers from an arbitrary download vulnerability.
View ArticleNewsletter 4.3 SQL Injection
Newsletter version 4.3 suffers from a remote SQL injection vulnerability.
View ArticleTelegram API Cross Site Request Forgery
Telegram API suffers from a cross site request forgery vulnerability. Note that this advisory has site-specific information.
View ArticleWordPress eShop 6.3.13 Cross Site Scripting
WordPress eShop plugin version 6.3.13 suffers from a cross site scripting vulnerability.
View ArticleDirectAdmin 1.483 Cross Site Request Forgery / Cross Site Scripting
DirectAdmin web control panel version 1.483 suffers from cross site request forgery and cross site scripting vulnerabilities.
View ArticleVideoCharge Studio DLL Hijacking
VideoCharge Studio suffers from a DLL hijacking vulnerability.
View ArticleMy Little Forum 2.3.7 Cross Site Request Forgery / Cross Site Scripting
My Little Forum version 2.3.7 suffers from backup disclosure, cross site request forgery, and multiple cross site scripting vulnerabilities.
View ArticleMy Little Forum 2.3.7 File Disclosure
My Little Forum version 2.3.7 suffers from a file disclosure vulnerability.
View ArticleSweetRice 1.5.1 Cross Site Request Forgery
SweetRice version 1.5.1 suffers from a cross site request forgery vulnerability.
View ArticleSweetRice 1.5.1 Code Execution
SweetRice version 1.5.1 suffers from a code execution vulnerability via the use of a cross site request forgery flaw.
View ArticleSweetRice 1.5.1 Backup Disclosure
SweetRice version 1.5.1 suffers from a backup disclosure vulnerability.
View ArticleSweetRice 1.5.1 Cross Site Request Forgery / Cross Site Scripting
SweetRice version 1.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
View ArticleNodCMS Cross Site Request Forgery
NodCMS suffers from a cross site request forgery vulnerability.
View ArticleNodCMS PHP Code Execution
NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.
View ArticleAcunetix 10.0 DLL Hijacking
Acunetix version 10 suffers from multiple dll hijacking vulnerabilities.
View Article