Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

872 matches found

Cvelist
Cvelistadded 2013/07/19 10:0 a.m.29 views

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

5.5AI score0.06259EPSS
Exploits10References8
Debian CVE
Debian CVEadded 2013/07/19 10:0 a.m.46 views

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

4.3CVSS5.6AI score0.06259EPSS
Exploits10
securityvulns
securityvulnsadded 2013/07/19 12:0 a.m.115 views

AFU and XSS vulnerabilities in TinyMCE Image Manager

Hello 3APA3A! These are Arbitrary File Uploading and Cross-Site Scripting vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. -------------------------...

0.5AI score
Exploits0
Packet Storm
Packet Stormadded 2013/07/19 12:0 a.m.29 views

TinyMCE Image Manager 1.1 XSS / File Upload

Hello list! These are Arbitrary File Uploading and Cross-Site Scripting vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. -------------------------...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2013/07/15 12:0 a.m.40 views

IA and AFU vulnerabilities in aCMS

Hello 3APA3A! These are Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the second part of them. ------------------------- Affected products: ------------------------- Vulnerable are aCMS...

2.5AI score
Exploits0
securityvulns
securityvulnsadded 2013/07/15 12:0 a.m.48 views

XSS and CS vulnerabilities in TinyMCE Image Manager

Hello 3APA3A! These are Cross-Site Scripting and Content Spoofing vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. ------------------------- Affected...

0.2AI score
Exploits0
Packet Storm
Packet Stormadded 2013/07/15 12:0 a.m.18 views

TinyMCE Image Manager 1.1 Cross Site Scripting

Hello list! These are Cross-Site Scripting and Content Spoofing vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. ------------------------- Affected...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2013/07/12 12:0 a.m.42 views

Fedora 17 : wordpress-3.5.2-1.fc17 (2013-11649)

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also...

4.3CVSS4.8AI score0.01677EPSS
Exploits5References11
Tenable Nessus
Tenable Nessusadded 2013/07/12 12:0 a.m.33 views

Fedora 19 : wordpress-3.5.2-1.fc19 (2013-11590)

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also...

4.3CVSS4.8AI score0.01677EPSS
Exploits5References11
NVD
NVDadded 2013/07/08 8:55 p.m.16 views

CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

4.3CVSS6.5AI score0.00658EPSS
Exploits1References5
OSV
OSVadded 2013/07/08 8:55 p.m.1 views

DEBIAN-CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

4.3CVSS7AI score0.00658EPSS
Exploits1References1
OSV
OSVadded 2013/07/08 8:55 p.m.6 views

CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

6.5AI score
Exploits0References6
Prion
Prionadded 2013/07/08 8:55 p.m.16 views

Spoofing

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

4.3CVSS7.1AI score0.00658EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCveadded 2013/07/08 8:55 p.m.21 views

CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

4.3CVSS6AI score0.00658EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2013/07/08 8:0 p.m.25 views

CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

4.3CVSS6.4AI score0.00658EPSS
Exploits1
Cvelist
Cvelistadded 2013/07/08 8:0 p.m.19 views

CVE-2013-2204

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a pound sign character during extraction of the QUERYSTRING, which allows remote attackers to pass arbitrary parameters to a Flash...

6.4AI score0.00658EPSS
Exploits1References5
CVE
CVEadded 2013/07/08 8:0 p.m.64 views

CVE-2013-2204

The CVE-2013-2204 entry affects moxieplayer.as in Moxiecode moxieplayer, used in the TinyMCE Media plugin for WordPress prior to 3.5.2 (and other products). The root cause is the extraction of QUERY_STRING failing to account for a trailing # in the string, enabling remote attackers to pass arbitr...

4.3CVSS6.5AI score0.00658EPSS
Exploits1References5Affected Software2
securityvulns
securityvulnsadded 2013/07/08 12:0 a.m.50 views

AFU vulnerabilities in MCFileManager for TinyMCE

Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode File Manager MCFileManager. This is commercial plugin for TinyMCE. It concerns as MCFileManager, as all web applications which have MCFileManager in their bundle. These are Arbitrary File Uploading vulnerabilities, which lead to...

2.4AI score
Exploits0
securityvulns
securityvulnsadded 2013/07/08 12:0 a.m.69 views

Content Spoofing vulnerabilities in TinyMCE and WordPress

Hello 3APA3A! This are Content Spoofing vulnerabilities in TinyMCE and WordPress. Which I've disclosed on Wednesday. In 2011 I already wrote about Content Spoofing in Moxieplayer, when I wrote concerning multiple vulnerabilities in TinyMCE http://securityvulns.ru/docs27349.html, which is a...

0.3AI score
Exploits0
securityvulns
securityvulnsadded 2013/07/08 12:0 a.m.39 views

AFU vulnerabilities in MCImageManager for TinyMCE

Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Arbitrary File Uploading vulnerabilities, which lead...

1.8AI score
Exploits0
Rows per page
Query Builder