Filtered by vendor Codecanyon
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8954 | 1 Codecanyon | 1 Phpsound | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3) filter parameter in an explore action to index.php. | ||||
| CVE-2024-8671 | 2 Codecanyon, Exthemes | 2 Wooevents, Wooevents | 2024-09-26 | 9.1 Critical |
| The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to overwrite arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2024-8945 | 2 Codecanyon, Fairsketch | 2 Rise Ultimate Project Manager, Rise Ultimate Project Manager | 2024-09-25 | 5.5 Medium |
| A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. This vulnerability affects unknown code of the file /index.php/dashboard/save. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | ||||
| CVE-2024-9030 | 2 Codecanyon, Workdo | 2 Crmgo Saas, Crmgo Saas | 2024-09-25 | 3.5 Low |
| A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/{note_id}/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9031 | 2 Codecanyon, Workdo | 2 Crmgo Saas, Crmgo Saas | 2024-09-25 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/{task_id}/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
Page 1 of 1.