[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 246942 Download | Alert*

An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields.

An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product field to the p/ URI, or the Products Search box.

XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ search bar.

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field.

We-com OpenData CMS 2.0 allows SQL Injection via the username field on the administrator login page.

SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.

SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command.

SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path.

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.


Pages:      Start    12474    12475    12476    12477    12478    12479    12480    12481    12482    12483    12484    12485    12486    12487    ..   24694

© SecPod Technologies