Filtered by vendor Solwininfotech
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45078 | 1 Solwininfotech | 1 User Blocker | 2023-11-14 | N/A | 7.2 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5. | |||||
| CVE-2023-3435 | 1 Solwininfotech | 1 User Activity Log | 2023-08-21 | N/A | 9.8 CRITICAL |
| The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks. | |||||
| CVE-2023-2761 | 1 Solwininfotech | 1 User Activity Log | 2023-07-31 | N/A | 7.2 HIGH |
| The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the `txtsearch` parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin. | |||||