• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2021-25877

February 23, 2023 by

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php.

CVE-2021-25770

February 23, 2023 by

In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.

CVE-2021-25808

February 23, 2023 by

A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.

CVE-2021-25251

February 23, 2023 by

The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program’s password protection and disable protection. An attacker must already have administrator privileges on the machine to exploit this vulnerability.

CVE-2021-25283

February 23, 2023 by

An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.

CVE-2021-24942

February 23, 2023 by

The Menu Item Visibility Control WordPress plugin through 0.5 doesn’t sanitize and validate the “Visibility logic” option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 189
  • Go to page 190
  • Go to page 191
  • Go to page 192
  • Go to page 193
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE