CVE-2021-30134

php-mod/curl (a wrapper of the PHP cURL extension) before 2.3.2 allows XSS via the post_file_path_upload.php key parameter and the POST data to post_multidimensional.php.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:php_curl_class_project:php_curl_class:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:ht_slider_range_for_amazon_affiliates_project:ht_slider_range_for_amazon_affiliates:*:*:*:*:*:wordpress:*:*

Configuration 3 (hide)

cpe:2.3:a:qiwi:woo-qiwi-payment-gateway:*:*:*:*:*:wordpress:*:*

Configuration 4 (hide)

cpe:2.3:a:teamleade:teamleader_crm_forms:*:*:*:*:*:wordpress:*:*

Configuration 5 (hide)

cpe:2.3:a:ptwooplugins:invoicing_with_invoicexpress_for_woocommerce:*:*:*:*:*:wordpress:*:*

Configuration 6 (hide)

cpe:2.3:a:shopello_api_project:shopello_api:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-12-25 23:15

Updated : 2023-01-04 19:00


NVD link : CVE-2021-30134

Mitre link : CVE-2021-30134


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

qiwi

  • woo-qiwi-payment-gateway

php_curl_class_project

  • php_curl_class

shopello_api_project

  • shopello_api

teamleade

  • teamleader_crm_forms

ht_slider_range_for_amazon_affiliates_project

  • ht_slider_range_for_amazon_affiliates

ptwooplugins

  • invoicing_with_invoicexpress_for_woocommerce