grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames Date published : 2021-09-27 https://huntr.dev/bounties/d73f24a8-302b-4f9f-abb8-54688abd9813 https://github.com/getgrav/grav-plugin-admin/commit/853abfbbd3c14a0a601c941dcfaa3858b6283b69
Certain Federal Office of Information Technology Systems and Telecommunication FOITT products are affected by improper handling of exceptional conditions. This affects COVID Certificate App IOS 2.2.0 and below affected, patch in progress and COVID...
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution. Date published : 2021-09-27 https://www.manageengine.com https://www.manageengine.com/products/ad-manager/release-notes.html#7111
Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. Date published : 2021-09-27 https://www.manageengine.com https://www.manageengine.com/products/ad-manager/release-notes.html#7111
Kingdee KIS Professional Edition has a privilege escalation vulnerability. Attackers can use the vulnerability to gain computer administrator rights via unspecified loopholes. Date published : 2021-09-27 https://github.com/purple-WL/CNVD-2020-75301/issues/1 https://www.cnvd.org.cn/flaw/show/2740765
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain...
Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions
Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions