The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE Date published : 2022-05-16 https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18
The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks...
The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html...
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it...
The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album’s name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin...
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available...
Code Injection in GitHub repository publify/publify prior to 9.2.8. Date published : 2022-05-16 https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. Date published : 2022-05-16 https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a...
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used...
Gitea before 1.16.7 does not escape git fetch remote. Date published : 2022-05-15 https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/ https://github.com/go-gitea/gitea/pull/19487
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in GuzzleHttpCookieFileCookieJar.php. Date published : 2022-05-15 https://github.com/1nhann/vulns/issues/2
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in IlluminateBroadcastingPendingBroadcast.php and dispatch($command) in IlluminateBusQueueingDispatcher.php. Date published : 2022-05-15 https://github.com/1nhann/vulns/issues/1
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++...