Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 – 'Drupalgeddon2' Remote Code Execution (PoC)
>> ARCHIVE: 2018-04
iScripts SonicBB version 1.0 suffers from a cross site scripting vulnerability.
WordPress File Upload plugin version 4.3.2 suffers from a persistent cross site scripting vulnerability.
WordPress Google Drive plugin version 2.2 suffers from a remote code execution vulnerability.
iScripts Easycreate version 3.2.1 suffers from a stored cross site scripting vulnerability.
DVD X Player Standard version 5.5.3.9 suffers from a buffer overflow vulnerability.
WooCommerce CSV-Importer-Plugin version 3.3.6 suffers from a remote code execution vulnerability.
WordPress Activity Log plugin version 2.4.0 suffers from a persistent cross site scripting vulnerability.
WordPress File Upload plugin version 4.3.3 suffers from a persistent cross site scripting vulnerability.
OCS Inventory NG ocsreports version 2.4 suffers from a cross site scripting vulnerability.