| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. |
| The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the `ahsc_ajax_reset_options()` function. This makes it possible for unauthenticated attackers to reset all plugin settings to their default values via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'webling_admin_save_form' and 'webling_admin_save_memberlist' functions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject Webling forms and memberlists with arbitrary web scripts that will execute whenever an administrator views the related form or memberlist area of the WordPress admin. |
| The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpr_pending_template' parameter in all versions up to, and including, 1.0.16 due to insufficient input validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrator into performing an action such as clicking on a link. |
| The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the `receive_heartbeat()` function in `includes/class-wp-optimize-heartbeat.php` in all versions up to, and including, 4.5.0. This is due to the Heartbeat handler directly invoking `Updraft_Smush_Manager_Commands` methods without verifying user capabilities, nonce tokens, or the allowed commands whitelist that the normal AJAX handler (`updraft_smush_ajax`) enforces. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke admin-only Smush operations including reading log files (`get_smush_logs`), deleting all backup images (`clean_all_backup_images`), triggering bulk image processing (`process_bulk_smush`), and modifying Smush options (`update_smush_options`). |
| A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. |
| A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. This affects an unknown function of the file /add-category-function.php. Such manipulation of the argument Category leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /checkcheckout.php. Performing a manipulation of the argument serviceId results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. |
| A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. |
| A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /BranchManagement/ProfitAndLossReport.php. Executing a manipulation of the argument BRANCH_ID can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. |
| A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipulation of the argument BRANCH_ID leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLE_ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. |
| A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. |
| A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argument BRANCH_ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. |
| A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix this issue, it is recommended to deploy a patch. |
| A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. |
| A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. |
| The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authorization checks in the `save_course_content_order()` private method, which is called unconditionally by the `tutor_update_course_content_order` AJAX handler. While the handler's `content_parent` branch includes a `can_user_manage()` check, the `save_course_content_order()` call processes attacker-supplied `tutor_topics_lessons_sorting` JSON without any ownership or capability verification. This makes it possible for authenticated attackers with Subscriber-level access or above to detach lessons from topics, reorder course content, and reassign lessons between topics in any course, including admin-owned courses, by sending a crafted AJAX request with manipulated topic and lesson IDs. |
| The Gravity SMTP plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to uninstall and deactivate the plugin and delete plugin options. NOTE: This vulnerability is also exploitable via a Cross-Site Request Forgery vector. |
