|
1671
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files allows Upload a Web Shell to a Web Server. This issue affects user files: from n/a through 2.4.2.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-23953
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1672
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mihajlovic Nenad Improved Sale Badges – Free Version allows PHP Local File Inc…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23949
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1673
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebArea Background animation blocks allows PHP Local File Inclusion. This issu…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23948
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1674
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-23944
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1675
|
- |
|
-
|
-
|
ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fres…
|
CWE-79
Cross-site Scripting
|
CVE-2025-24027
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1676
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows Upload a Web Shell to a Web Server. This issue affects WP Load Gallery: from n/a through 2.1.6.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-23942
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1677
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Image Gallery Box by CRUDLab allows PHP Local File Inclusion. This is…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23938
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1678
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection. This issue affects Quick Count: from n/a through 3.00.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-23932
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1679
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WordPress Local SEO allows Blind SQL Injection. This issue affects WordPress Local SEO: …
|
CWE-89
SQL Injection
|
CVE-2025-23931
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1680
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for Gravity Forms allows Upload a Web Shell to a Web Server. This issue affects Multi Uploader for Gravity For…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-23921
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
