Security
Headlines
HeadlinesLatestCVEs

Tag

#php

Innovins CMS 4.7 SQL Injection

Innovins CMS version 4.7 suffers from a remote SQL injection vulnerability.

Packet Storm
Open in Source
#sql#vulnerability#windows#google#php#auth#firefox
Online ID Generator 1.0 SQL Injection / Shell Upload

Online ID Generator version 1.0 suffers from remote SQL injection that allows for login bypass and remote shell upload vulnerabilities.

Islam CMS 1.0 Code Injection

Islam CMS version 1.0 suffers from a remote PHP code injection vulnerability.

Invasor Diagonal CMS 1.0 Cross Site Scripting

Invasor Diagonal CMS version 1.0 suffers from a cross site scripting vulnerability.

InterPhoto 2.3.0 Shell Upload

InterPhoto version 2.3.0 suffers from a remote shell upload vulnerability.

CVE-2023-2188: utils.php in colibri-page-builder/trunk/extend-builder – WordPress Plugin Repository

The Colibri Page Builder for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2023-2279: Diff [2905046:2905795] for wpdirectorykit/trunk – WordPress Plugin Repository

The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the 'admin_page_display' function. This makes it possible for unauthenticated attackers to delete or change plugin settings, import demo data, modify or delete Directory Kit related posts and terms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Partial patches were made avilable in versions 1.2.0 and 1.2.1 but the issue was not fully patched until 1.2.2

CVE-2023-3162: Changeset 2925361 for payment-gateway-stripe-and-woocommerce-integration – WordPress Plugin Repository

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.

CVE-2023-2353: Changeset 2926660 for chp-ads-block-detector – WordPress Plugin Repository

The CHP Ads Block Detector plugin for WordPress is vulnerable to unauthorized plugin settings update and reset due to a missing capability check on the chp_abd_action function in versions up to, and including, 3.9.4. This makes it possible for subscriber-level attackers to change or reset plugin settings. CVE-2023-36509 appears to be a duplicate of this issue.

CVE-2023-3677: woocommerce-pdf-invoice-ajax.php in woo-pdf-invoice-builder/trunk – WordPress Plugin Repository

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for subscribers or higher to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.