Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ajax search vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2012-5853
SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin before 1.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the srch_txt parameter in a...
Ajax Search Project Ajax Search
7.5
CVE-2022-38456
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions....
Ajax Search Project Ajax Search
5.3
CVE-2022-2535
The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a live search are limited to published posts only, allowing unauthenticated users to make a crafted query disclosing private/draft/pending post titles along with their permalink...
Searchwp Searchwp Live Ajax Search
7.5
CVSSv3
CVE-2020-12070
The Advanced Woo Search plugin version through 1.99 for Wordpress suffers from a sensitive information disclosure vulnerability in every ajax search request via the sql field to includes/class-aws-search.php....
Advanced-woo-search Advanced Woo Search
9.8
CVE-2022-4297
The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection...
Netflixtech Wp Autocomplete Search
4.3
CVSSv3
CVE-2019-16251
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes....
Yithemes Yith Woocommerce WishlistYithemes Yith Woocommerce CompareYithemes Yith Woocommerce Quick ViewYithemes Yith Woocommerce Zoom MagnifierYithemes Yith Woocommerce Ajax SearchYithemes Yith Woocommerce Badge ManagementYithemes Yith Woocommerce Brands Add-onYithemes Yith Woocommerce Request A QuoteYithemes Yith Woocommerce Social LoginYithemes Yith Woocommerce Order TrackingYithemes Yith Woocommerce Pdf Invoice And Shipping ListYithemes Yith Pre-order For WoocommerceYithemes Yith Woocommerce Advanced ReviewsYithemes Yith Woocommerce Product Add-onsYithemes Yith Woocommerce Gift CardsYithemes Yith Woocommerce SubscriptionYithemes Yith Woocommerce AffiliatesYithemes Yith Woocommerce Cart MessagesYithemes Yith Woocommerce Product BundlesYithemes Yith Woocommerce Frequently Bought TogetherYithemes Yith Woocommerce Multi-step CheckoutYithemes Yith Color And Label Variations For WoocommerceYithemes Yith Custom Thank You Page For WoocommerceYithemes Yith Product Size Charts For WoocommerceYithemes Yith Woocommerce Added To Cart PopupYithemes Yith Woocommerce Bulk Product EditingYithemes Yith Woocommerce StripeYithemes Yith Woocommerce Waiting ListYithemes Yith Woocommerce Points And RewardsYithemes Yith Advanced Refund System For WoocommerceYithemes Yith Woocommerce Authorize.net Payment GatewayYithemes Yith Woocommerce Best SellersYithemes Yith Woocommerce MailchimpYithemes Yith Woocommerce Multi VendorYithemes Yith Woocommerce Questions And AnswersYithemes Yith Woocommerce Recover Abandoned CartYithemes Yith Paypal Express Checkout For WoocommerceYithemes Yith Desktop Notifications For Woocommerce
NA
CVE-2012-5164
Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in...
Fork-cms Fork Cms 2.6.2Fork-cms Fork Cms 2.6.3Fork-cms Fork Cms 2.3.1Fork-cms Fork Cms 2.0.1Fork-cms Fork Cms 2.6.12Fork-cms Fork Cms 3.1.0Fork-cms Fork Cms 2.6.4Fork-cms Fork Cms 2.6.7Fork-cms Fork Cms 3.1.6Fork-cms Fork Cms 3.2.1Fork-cms Fork Cms 2.4.0Fork-cms Fork Cms 2.4.1Fork-cms Fork Cms 2.0.2Fork-cms Fork Cms 3.1.2Fork-cms Fork Cms 3.0.0Fork-cms Fork Cms 2.6.9Fork-cms Fork Cms 2.6.6Fork-cms Fork Cms 3.2.5Fork-cms Fork Cms 3.2.4Fork-cms Fork Cms 3.2.2Fork-cms Fork Cms 3.1.9Fork-cms Fork Cms 2.5.1Fork-cms Fork Cms 2.5.2Fork-cms Fork Cms 2.1.0Fork-cms Fork Cms 3.1.1Fork-cms Fork Cms 3.1.4Fork-cms Fork Cms 2.6.8Fork-cms Fork Cms 2.6.11Fork-cms Fork Cms 3.2.3Fork-cms Fork Cms 3.1.7Fork-cms Fork Cms 3.2.0Fork-cms Fork CmsFork-cms Fork Cms 2.6.1Fork-cms Fork Cms 2.2.0Fork-cms Fork Cms 2.3.0Fork-cms Fork Cms 3.1.3Fork-cms Fork Cms 2.6.13Fork-cms Fork Cms 2.6.10Fork-cms Fork Cms 2.6.5Fork-cms Fork Cms 3.1.8Fork-cms Fork Cms 3.1.5Fork-cms Fork Cms 2.6.0
9.8
CVSSv3
CVE-2020-8519
SQL injection with the search parameter in Records.php for phpzag live add edit delete data tables records with ajax php mysql...
Phpzag Phpzag -
NA
CVE-2015-6516
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php....
Cygnux Syspass
NA
CVE-2014-4759
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in the search...
Ibm Business Process Manager 8.5.0.0Ibm Business Process Manager 8.5.0.1Ibm Business Process Manager 8.5.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675CVE-2023-21072physicalCVE-2023-28446encryptionCVE-2023-21076server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook