CVE-2025-12502

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

EUVD-2025-198272

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

CVE-2025-12502

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

CVE-2025-12502 Attention Bar <= 0.7.2.1 - Admin+ SQLi

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

CVE-2025-12502 Attention Bar <= 0.7.2.1 - Admin+ SQLi

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

WordPress plugin Attention Bar 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-47556

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

DEBIAN-CVE-2008-6838

Cross-site scripting XSS vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6837

SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-3258. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6838

Cross-site scripting XSS vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Sql injection

SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-3258. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6838

CVE-2008-6838 is a Cross-site Scripting (XSS) vulnerability affecting Zoph 0.7.2.1, exposed via search.php. The issue allows remote attackers to inject arbitrary script or HTML through the _off parameter. The vulnerability description notes that the provenance of the information is from third par...

CVE-2008-6837

SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-3258. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6838

Cross-site scripting XSS vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Zoph 0.7.2.1 - SQL Injection

Zoph 0.7.2.1 - SQL Injection source: https://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...

Zoph 0.7.2.1 - search.php?_off Cross-Site Scripting

Zoph 0.7.2.1 - search.php?off Cross-Site Scripting source: https://www.securityfocus.com/bid/30116/info Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credential...

Back-end0721.txt

/ Federico Fazzi, / Back-end = 0.7.2.1 jpcache.php Remote command execution / 08/06/2006 1:04 Bug: jpcache.php: line 40 --- $includedir = $PSL'classdir' . "/jpcache"; --- Proof of concept: Back-end have a default path pre-set on jpcache.php, and cracker can execute a remote command...