The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
Published at: June 15, 2020 at 10:15AM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2019-19111
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
Published at: June 15, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-19112
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
Published at: June 15, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-16252
Missing SSL Certificate Validation in the Nutfind.com application through 3.9.12 for Android allows a man-in-the-middle attacker to sniff and manipulate all API requests, including login credentials and location data.
Published at: June 12, 2020 at 07:15PM
View on website
New vulnerability on the NVD: CVE-2019-15123
The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.
Published at: June 12, 2020 at 05:15PM
View on website
Educ Arte Económico 