CVE-2021-30134: XSS
First published: Mon Dec 26 2022(Updated: )
php-mod/curl (a wrapper of the PHP cURL extension) before 2.3.2 allows XSS via the post_file_path_upload.php key parameter and the POST data to post_multidimensional.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Php Curl Class Project Php Curl Class | <2.3.2 | |
| Ht Slider Range For Amazon Affiliates Project Ht Slider Range For Amazon Affiliates | <1.1.6 | |
| Qiwi Woo-qiwi-payment-gateway | <=0.0.9 | |
| Teamleade Teamleader Crm Forms | <2.1.0 | |
| Ptwooplugins Invoicing With Invoicexpress For Woocommerce | <3.0.3 | |
| Shopello Api Project Shopello Api | <=2.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/php curl class project
- canonical/php curl class project php curl class
- vendor/ht slider range for amazon affiliates project
- canonical/ht slider range for amazon affiliates project ht slider range for amazon affiliates
- vendor/qiwi
- canonical/qiwi woo-qiwi-payment-gateway
- version/qiwi woo-qiwi-payment-gateway/0.0.9
- vendor/teamleade
- canonical/teamleade teamleader crm forms
- vendor/ptwooplugins
- canonical/ptwooplugins invoicing with invoicexpress for woocommerce
- vendor/shopello api project
- canonical/shopello api project shopello api
- version/shopello api project shopello api/2.9.0