Vanguard Project CVE

Filtered by vendor Vanguard Project Subscriptions

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-17936	1 Vanguard Project	1 Marketplace Digital Products Php	2024-09-17	N/A
Vanguard Marketplace Digital Products PHP has CSRF via /search.
CVE-2017-17937	1 Vanguard Project	1 Marketplace Digital Products Php	2024-09-16	N/A
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search.
CVE-2017-17873	1 Vanguard Project	1 Marketplace Digital Products Php	2024-08-05	N/A
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.
CVE-2017-17874	1 Vanguard Project	1 Marketplace Digital Products Php	2024-08-05	N/A
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI.
CVE-2020-15537	1 Vanguard Project	1 Vanguard	2024-08-04	6.1 Medium
An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product field to the p/ URI, or the Products Search box.

Page 1 of 1.