CVE-2022-33901
Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress.
Source: CVE-2022-33901
[월:] 2022년 07월
CVE-2022-34650
CVE-2022-34650
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.
Source: CVE-2022-34650
CVE-2022-33960
CVE-2022-33960
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.
Source: CVE-2022-33960
CVE-2022-30998
CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co’s Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.
Source: CVE-2022-30998
CVE-2022-29495
CVE-2022-29495
Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings.
Source: CVE-2022-29495
CVE-2022-27235
CVE-2022-27235
Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.
Source: CVE-2022-27235
CVE-2022-0979
CVE-2022-0979
Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2022-0979
CVE-2022-0980
CVE-2022-0980
Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions.
Source: CVE-2022-0980
CVE-2017-20139
CVE-2017-20139
A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Source: CVE-2017-20139
CVE-2017-20140
CVE-2017-20140
A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Source: CVE-2017-20140