Filtered by vendor Vanguard Project
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-15537 | 1 Vanguard Project | 1 Vanguard | 2024-11-21 | 6.1 Medium |
An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product field to the p/ URI, or the Products Search box. | ||||
CVE-2017-17937 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | N/A |
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. | ||||
CVE-2017-17936 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | N/A |
Vanguard Marketplace Digital Products PHP has CSRF via /search. | ||||
CVE-2017-17874 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | N/A |
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI. | ||||
CVE-2017-17873 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | N/A |
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. |
Page 1 of 1.