manager,
-
A vulnerability was found in Colin Tomele Board Document Manager from CHUHPL Plugin up to 1.9.1 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-54238. It is possible to launch the attack remotely. There is no exploit available.
-
CVE-2009-3219 | The-ghost AR Web Content Manager 2.1 a.php a path traversal (EDB-9237 / XFDB-51979)
·
A vulnerability classified as critical has been found in The-ghost AR Web Content Manager 2.1. This affects an unknown part of the file a.php of the component Web Content Manager. The manipulation of the argument a leads to path traversal. This vulnerability is uniquely identified as CVE-2009-3219. It is possible to initiate the attack remotely.…
-
A vulnerability was found in Siber Systems RoboForm Password Manager up to 9.7.3 on Android. It has been classified as critical. Affected is an unknown function. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2025-26700. It is possible to launch the attack on the physical device. There is no…
-
A vulnerability was found in Download Manager Plugin up to 3.3.02 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-10706. The attack may be initiated remotely. There is no exploit available.…
-
A vulnerability has been found in Automattic WP Job Manager Plugin up to 2.1.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-37241. The attack can be initiated remotely. There is no exploit available.
-
A vulnerability classified as critical has been found in wedevs WP Project Manager Plugin up to 2.6.17 on WordPress. This affects an unknown part. The manipulation of the argument orderby leads to sql injection. This vulnerability is uniquely identified as CVE-2024-13500. It is possible to initiate the attack remotely. There is no exploit available.
-
* bsc#1212641 * bsc#1219912 * bsc#1229079 * bsc#1229104 * bsc#1231024
-
* bsc#1212641 * bsc#1219912 * bsc#1229079 * bsc#1229104 * bsc#1231024
-
* bsc#1228182 * bsc#1228690 * bsc#1229079 * bsc#1229104 * bsc#1230361
-
* bsc#1229079 * bsc#1229104 * bsc#1230361 * bsc#1231497 * bsc#1231568
-
* bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231759
-
A vulnerability, which was classified as problematic, has been found in magepeopleteam Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration Plugin up to 2.2.1 on WordPress. This issue affects some unknown processing. The manipulation of the argument active_tab leads to cross site scripting. The identification of this vulnerability is CVE-2024-12412. The…
-
Devolutions have disclosed critical vulnerabilities in its Remote Desktop Manager (RDM) software, which could allow attackers to intercept and modify encrypted communications through man-in-the-middle (MITM) attacks. These flaws stem from improper certificate validation across all platforms and have been assigned high-severity CVE identifiers. CVE-2025-1193 Improper Host Validation CVE-2025-1193 has been assigned to this vulnerability, with…
-
Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated backdoor capable of providing attackers with persistent
-
Hackers have been exploiting Google Tag Manager (GTM) to steal sensitive credit card information from eCommerce sites, particularly those built on the Magento platform. This sophisticated attack shows the evolving tactics of cybercriminals in leveraging legitimate tools for malicious purposes. Google Tag Manager is a free tool provided by Google that allows website owners to…
-
A vulnerability classified as problematic has been found in Websense Personal Email Manager up to 7.0. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2009-3748. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the…
-
A vulnerability classified as problematic was found in PickPlugins Job Board Manager Plugin up to 2.1.59 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2025-24622. The attack can be initiated remotely. There is no exploit available.