Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackMustLivePATCHSTACK:7A0661D6058CA39D1076B7D5A5551797
HistoryJun 14, 2012 - 12:00 a.m.

WordPress SWFUpload Plugin <= 2.2.0.1 - XSS #1

2012-06-1400:00:00
MustLive
patchstack.com
11

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON

Because of this vulnerability in swfupload.swf, the attackers can inject arbitrary web script or HTML via the โ€œmovieNameโ€ parameter.

Solution

           Update the plugin.
CPENameOperatorVersion
swfuploadle2.2.0.1

Related

packetstorm 4
securityvulns 5
threatpost 2
openvas 2
seebug 1
zdt 2
cve 4
prion 4
typo3 1
ubuntucve 2
debiancve 2
nessus 1
packetstorm
packetstorm
WordPress 3.3.1 swfupload.swf Cross Site Scripting
2012-11-09 00:00:00
SWF Upload Cross Site Scripting
2012-11-13 00:00:00
Dotclear 2.4.4 Cross Site Scripting / Content Spoofing
2013-04-13 00:00:00
securityvulns
securityvulns
CS and XSS vulnerabilities in SWFUpload
2013-03-11 00:00:00
XSS vulnerability in swfupload in WordPress
2012-11-18 00:00:00
XSS and CS vulnerabilities in Dotclear
2013-05-06 00:00:00
threatpost
threatpost
Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing
2013-03-12 19:10:36
Yahoo Mail Breach Linked to Old WordPress Vulnerability
2013-02-01 03:42:54
openvas
openvas
FreeBSD Ports: typo3
2012-08-10 00:00:00
TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability
2014-01-02 00:00:00
seebug
seebug
Turbomail้‚ฎไปถ็ณป็ปŸXSS-1
2014-12-24 00:00:00
zdt
zdt
Dotclear XSS Vulnerabilities
2013-04-14 00:00:00
Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities
2014-01-23 00:00:00
cve
cve
CVE-2012-3414
2013-07-19 14:36:00
CVE-2012-2399
2012-04-21 23:55:00
CVE-2013-4146
2022-06-30 13:15:00
prion
prion
Cross site scripting
2013-07-19 14:36:00
Design/Logic Flaw
2022-06-30 13:15:00
Cross site scripting
2012-04-21 23:55:00
typo3
typo3
Cross-Site Scripting Vulnerability in TYPO3 Core
2012-07-04 00:00:00
ubuntucve
ubuntucve
CVE-2012-3414
2013-07-19 00:00:00
CVE-2012-2399
2012-04-21 00:00:00
debiancve
debiancve
CVE-2012-3414
2013-07-19 14:36:00
CVE-2012-2399
2012-04-21 23:55:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON
Related for PATCHSTACK:7A0661D6058CA39D1076B7D5A5551797
packetstorm4securityvulns5threatpost2openvas2seebug1zdt2cve4prion4typo31ubuntucve2debiancve2nessus1