Qualityunit Post Affiliate Pro vulnerabilities
3 known vulnerabilities affecting qualityunit/post_affiliate_pro.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2008-5630P3MEDIUMCVSS 6.8PoCv3.0v3.1.42008-12-17
CVE-2008-5630 [MEDIUM] CWE-89 CVE-2008-5630: SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote a
SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter.
nvd
CVE-2008-4602P4MEDIUMCVSS 6.5PoCv2.02008-10-18
CVE-2008-4602 [MEDIUM] CWE-22 CVE-2008-4602: Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
nvd
CVE-2023-38482P4MEDIUMCVSS 4.8≤ 1.25.0≥ n/a, ≤ 1.25.02023-09-03
CVE-2023-38482 [MEDIUM] CWE-79 CVE-2023-38482: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QualityUnit Post Affiliate Pro plu
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QualityUnit Post Affiliate Pro plugin <= 1.25.0 versions.
nvd