CVE-2023-0520

The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cros ...

Continue Reading

May 15, 2023

CVE-2023-0490

The f(x) TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow use ...

Continue Reading

May 15, 2023

CVE-2023-31843

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=.Read More ...

Continue Reading

May 15, 2023

CVE-2023-31845

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=.Read More ...

Continue Reading

May 15, 2023

CVE-2023-0762

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arb ...

Continue Reading

May 15, 2023

CVE-2023-0763

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitra ...

Continue Reading

May 15, 2023

CVE-2023-2111

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading

May 15, 2023

vueltaandalucia.es Cross Site Scripting vulnerability OBB-3338605

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Continue Reading

May 15, 2023

1 81,555 81,556 81,557 81,558 81,559 103,380

Back to Main
Subscribe for the latest news: