National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,244 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2020-7229

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2019-14767

In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence (dossier=../) and servletrecuperefichier (document=../) allows an unauthenticated user to download arbitrary files from the server.

Published: January 21, 2020; 11:15:12 AM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-7246

A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.

Published: January 21, 2020; 09:15:13 AM -05:00
(not available)
CVE-2020-7239

The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent.

Published: January 21, 2020; 12:15:11 AM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-20385

The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI.

Published: January 20, 2020; 08:15:10 PM -05:00
(not available)
CVE-2019-20381

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.

Published: January 20, 2020; 01:15:11 AM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7237

Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.

Published: January 20, 2020; 12:15:11 AM -05:00
(not available)
CVE-2020-7104

The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter.

Published: January 17, 2020; 06:15:13 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7048

The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state (deleting all site content stored in that table), as demonstrated by a wp-admin/admin-post.php?db-reset-tables[]=comments URI.

Published: January 16, 2020; 04:15:12 PM -05:00
V3.1: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2020-7047

The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users request) to escalate their privileges to administrator while dropping all other users from the table.

Published: January 16, 2020; 04:15:12 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2020-7107

The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.

Published: January 16, 2020; 12:15:11 AM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7106

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).

Published: January 15, 2020; 11:15:11 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-19859

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-19858

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19857

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the Change Password screen. Thus, requiring the admin to enter an Old Password value on the Change Password screen does not enhance security. This is problematic in conjunction with XSS.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-19856

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19855

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19854

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the request origin). This is problematic in conjunction with XSS: one can escalate privileges from User level to Administrator.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2009-5068

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.

Published: January 15, 2020; 04:15:11 PM -05:00
V3.1: 7.2 HIGH
    V2: 3.5 LOW
CVE-2015-6591

Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter.

Published: January 15, 2020; 02:15:12 PM -05:00
V3.1: 5.5 MEDIUM
    V2: 2.1 LOW