Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ...Result(s) : 129287

Alerts Feed Alerts

DateNameCategoriesDetail
4.32019-09-16CVE-2018-21015cve AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted fil...
7.52019-09-16CVE-2017-18634cve The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php.
7.52019-09-16CVE-2016-10971cve The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required.
4.32019-09-16CVE-2016-10970cve The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.
4.32019-09-16CVE-2016-10969cve The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
6.52019-09-16CVE-2016-10968cve The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation.
4.32019-09-16CVE-2016-10967cve The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.
52019-09-16CVE-2016-10966cve The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.
6.42019-09-16CVE-2016-10965cve The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.
4.32019-09-16CVE-2016-10964cve The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.
4.32019-09-16CVE-2016-10963cve The icegram plugin before 1.9.19 for WordPress has XSS.
4.32019-09-16CVE-2016-10962cve The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
4.32019-09-16CVE-2016-10961cve The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
6.52019-09-16CVE-2016-10960cve The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.
42019-09-16CVE-2016-10959cve The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.
52019-09-16CVE-2016-10958cve The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php.
4.32019-09-16CVE-2016-10957cve The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.
52019-09-16CVE-2016-10956cve The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
7.52019-09-15CVE-2019-16335cve A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability tha...
3.52019-09-15CVE-2019-16334cve In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ...Result(s) : 129287