#php

The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-comments.php file in versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthenticated settings reset in versions up to, and including 1.8.1 due to missing capability checks in the ~/functions/data-reset-post.php file which makes it possible for unauthenticated attackers to trigger a plugin settings reset.

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges.

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid and role parameters in the out.UsrMgr.php file.

Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NAT protocol.

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user.

PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.

Expert Job Portal Management System version 1.0 suffers from a cross site scripting vulnerability.

A vulnerability, which was classified as critical, was found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file view_service.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230799.

A vulnerability, which was classified as critical, has been found in SourceCodester Service Provider Management System 1.0. Affected by this issue is some unknown functionality of the file view.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-230798 is the identifier assigned to this vulnerability.