Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3
CVE-2019-25215
- EPSS 0.27%
- Published 16.10.2024 07:15:06
- Last modified 16.10.2024 16:38:14
The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file access controls in nearly every file of the plugin in versions up to, and including, 1.1.14. This makes it possible for unauthenticated attackers to call...
5.4
CVE-2020-19156
- EPSS 0.32%
- Published 15.09.2021 14:15:08
- Last modified 21.11.2024 05:08:59
Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called.
1