Piwigo version 13.5.0 suffers from a remote SQL injection vulnerability.
b4b2bf2bd02e5e6e2f24ce835e44e52d016f467252a6d79a30e013c6f3028a74
WordPress WPvivid Backup plugin versions prior to 0.9.76 suffer from a path traversal vulnerability.
fb090fe06b8107185b5b73bdfac52e984a5bd3987e4e8a14397734095d06addf
LiquidFiles version 3.4.15 suffers from a cross site scripting vulnerability.
64fb0fffa85d330dbc47f539a594fa8fcad4c9362b419983c93474d08ba4e151
PHPIPAM version 1.4.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
050c77ae0f13a5b4247218de44f8bf133ca516aae7da4d73aba802231bdde893
PHPIPAM version 1.4.4 suffers from an authenticated remote SQL injection vulnerability.
52735c203f763f807bb821587b48986c8565cba03c4abbab39523388cea432b8
Envira Gallery Lite edition version 1.8.3.2 suffers from a cross site scripting vulnerability.
9dbf149ef3ee66457f73ea7147ed74161ff3ef6881909b863f14b4bf54649b7c
Typesetter CMS version 5.1 authenticated remote code execution exploit.
88686ca78f33a87564ebb395cb531dd62ea51ec4e0d7bece14f7859cf8a4c103
Typesetter version 5.1 is vulnerable to code execution via /index.php/Admin/Uploaded. An attacker can exploit this by uploading a zip that contains a malicious php file inside. After extracting the zip file containing the malicious php file, it is possible to execute commands on the target operation system.
ee974c9d37c8aba758fd4db3a34e859ee9e9a7a9e7db287f6d35e858f330de34
GilaCMS version 1.11.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
6603d87a861a3d845fa61f9b588c6b86e0c8fe070114880b2f66b4cd804da8df
Piwigo version 2.9.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
8a705d66a11dea3ced8ff1ddbb628df03886926a4d88a4506f71c1bceda77cb7