| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. |
| A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious web page. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Cinerama cinerama allows PHP Local File Inclusion.This issue affects Cinerama: from n/a through <= 2.9. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.15. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: from n/a through <= 2.6.39. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.7.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through <= 4.2.11. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows PHP Local File Inclusion.This issue affects TopperPack – Complete Elementor Addons, Theme & CPT Builder: from n/a through <= 1.2.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through <= 1.3.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows PHP Local File Inclusion.This issue affects WooCommerce Coming Soon Product with Countdown: from n/a through <= 5.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP ekommart ekommart allows PHP Local File Inclusion.This issue affects ekommart: from n/a through < 4.3.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in MatrixAddons Easy Invoice easy-invoice allows PHP Local File Inclusion.This issue affects Easy Invoice: from n/a through <= 2.1.4. |
| Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
These vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from an affected system. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through <= 8.3.5. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PoloPag PoloPag – Pix Automático para Woocommerce wc-polo-payments allows PHP Local File Inclusion.This issue affects PoloPag – Pix Automático para Woocommerce: from n/a through <= 2.0.9. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia – Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through <= 3.0.2. |
| Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
These vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from an affected system. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essential-real-estate allows PHP Local File Inclusion.This issue affects Essential Real Estate: from n/a through <= 5.2.9. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through <= 0.8. |
