Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution throu ...
Continue Reading
August 15, 2023
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the âuser-submitted-contentâ parameter in versions up to, and including, 20230809 due to insuff ...
Continue Reading
August 15, 2023
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attack ...
Continue Reading
August 15, 2023
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by ...
Continue Reading
August 14, 2023
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_ ...
Continue Reading
August 12, 2023
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execu ...
Continue Reading
August 12, 2023
gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL mutations. An attacker can exploit this vulnerability to perform Git acti ...
Continue Reading
August 12, 2023
gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles OAuth subscriptions. An attacker can exploit this vulnerability to generate OAuth ...
Continue Reading
August 12, 2023
Back to Main
