Security
Headlines
HeadlinesLatestCVEs

Tag

#php

FlatPress 1.3.1 Path Traversal

FlatPress version 1.3.1 suffers from a path traversal vulnerability.

Packet Storm
Open in Source
#vulnerability#windows#google#git#php#auth#firefox
K7 Ultimate Security NULL Pointer Dereference

In K7 Ultimate Security versions prior to 17.0.2019, the driver file (K7RKScan.sys - this version 15.1.0.7) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of a null pointer dereference from IOCtl 0x222010 and 0x222014. At the same time, the drive is accessible to all users in the "Everyone" group.

WordPress MapFig Studio 0.2.1 Cross Site Request Forgery / Cross Site Scripting

WordPress MapFig Studio plugin versions 0.2.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.

WordPress Profilepro 1.3 Cross Site Scripting

WordPress Profilepro plugin versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

WordPress Light Poll 1.0.0 Cross Site Request Forgery

WordPress Light Poll plugin versions 1.0.0 and below suffer from multiple cross site request forgery vulnerabilities.

WordPress PVN Auth Popup 1.0.0 Cross Site Scripting

WordPress PVN Auth Popup plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.

Gas Agency Management 2022 Shell Upload

Gas Agency Management version 2022 suffers from a remote shell upload vulnerability.

Farmacia Gama 1.0 Farmacia Gama 1.0 Cross Site Request Forgery

Farmacia Gama version 1.0 Farmacia Gama version 1.0 suffers from a cross site request forgery vulnerability.

Employees Pay Slip PDF Generator System 1.0 Cross Site Request Forgery

Employees Pay Slip PDF Generator System version 1.0 suffers from a cross site request forgery vulnerability.