CVE-2021-24803
The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a…
The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a…
The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor to perform path traversal and local PHP file inclusion…
The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to…
The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin…
The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to…
The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages),…
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored…
WAGO 750-8212 PFC200 G2 2ETH RS – Privilege Escalation Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
Casdoor 1.13.0 – SQL Injection (Unauthenticated) Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed
Cobian Backup Gravity 11.2.0.582 – ‘CobianBackup11’ Unquoted Service Path Exploit ile ilgili teknik detaylar için Devamını Oku Kaynak: Exploit-DB.com RSS Feed