关键字 的搜索结果 (15108)

CVE-2018-3811(发布:2018-01-01 01:29:00)NMP
CVSSN/A

[原文]SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.

CVE-2015-3302(发布:2017-12-29 17:29:00)NMP
CVSS5.0

[原文]The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a "broken authentication mechanism."

CVE-2014-8389(发布:2017-12-27 21:29:03)NMCPS
CVSS10.0

[CNNVD]OvisLink AirLive IP Cameras WL-2000CAM和Airlive IP Cameras POE-200CAM 操作系统命令注入漏洞--OvisLink Airlive IP Cameras WL-2000CAM和Airlive IP Cameras POE-200CAM都是欧立科技(OvisLink)公司的网络摄像机产品。 OvisLink AirLive IP Cameras WL-2000CAM和Airli...

CVE-2015-7889(发布:2017-12-27 21:29:03)NMP
CVSSN/A

[原文]The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent.

CVE-2015-7324(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.

CVE-2015-7666(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the cal parameter.

首页上一页4567891011下一页尾页 第6页 / 共2518页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站