Vulnerabilities > Vanguard Project

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-05	CVE-2020-15537	Cross-site Scripting vulnerability in Vanguard Project Vanguard 2.1 An issue was discovered in the Vanguard plugin 2.1 for WordPress. network vanguard-project CWE-79	4.3
2017-12-28	CVE-2017-17937	Cross-site Scripting vulnerability in Vanguard Project Marketplace Digital products PHP Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. network vanguard-project CWE-79	4.3
2017-12-28	CVE-2017-17936	Cross-Site Request Forgery (CSRF) vulnerability in Vanguard Project Marketplace Digital products PHP Vanguard Marketplace Digital Products PHP has CSRF via /search. network vanguard-project CWE-352	6.8
2017-12-27	CVE-2017-17874	Unrestricted Upload of File with Dangerous Type vulnerability in Vanguard Project Marketplace Digital products PHP 1.4.0 Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI. network low complexity vanguard-project CWE-434	6.5
2017-12-27	CVE-2017-17873	SQL Injection vulnerability in Vanguard Project Marketplace Digital products PHP 1.4.0 Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. network low complexity vanguard-project CWE-89	7.5

Vulnerabilities > Vanguard Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vanguard Project"}]}