217 matches found
CVE-2016-10084
admin/batchmanager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter)...
Piwigo XSS Vulnerability
Piwigo is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:piwigo:piwigo"; if...
Piwigo 'search_rules.php' Cross-Site Scripting Vulnerability
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options (categories, tags, time), and more. A cross-site scripting vulnerability exists in the 'search results front end' feature in Piwigo version 2.8.3. A remote...
CVE-2016-9751
Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2016-9751
Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2016-9751
CVE-2016-9751 pertains to Piwigo 2.8.3 where the search parameter in the search results front end is susceptible to cross-site scripting (XSS), allowing remote attackers to inject arbitrary script/HTML. The OpenVAS entry confirms a Piwigo XSS vulnerability; other connected sources describe the sa...
CVE-2016-9751
Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
[SECURITY] Fedora 24 Update: pulp-rpm-2.8.3-1.fc24
Provides a collection of platform plugins, client extensions and agent handlers that provide RPM support...
FFmpeg 'h264_slice_header_init' function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'h264_slice_header_init' function in the libavcodec/h264_slice.c file in versions of FFmpeg prior to 2.8.3, which stems from the program not verifying the...
CVE-2015-0553
Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 SP3 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter...
CVE-2015-0553
Affects WebsiteBaker 2.8.3 SP3: admin/pages/modify.php exposes a reflected XSS via the page_id parameter. Impact is script execution in the context of the user’s browser. No remediation details are provided in the connected documents; CVSSv2 base score is 4.3 (Medium). Exploitation details appea...
CVE-2014-9242
SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter...
SQL injection
SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to wb/admin/admintools/tool.php or (2) section_id parameter to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5)...
CVE-2014-9243
CVE-2014-9243 affects WebsiteBaker 2.8.3 with multiple XSS vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via: (1) QUERY_STRING to wb/admin/admintools/tool.php, (2) section_id to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5...
WebsiteBaker 2.8.3 XSS / SQL Injection / HTTP Response Splitting
MGC ALERT 2014-004 - Original release date: March 11, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 10/10 CVSS Base Score. I. VULNERABILITY...
joomla spider video, 2.8.3, sqli
joomla spider video, 2.8.3, SQL Injection UpdateNoticeURL http://web-dorado.com/products/joomla-player.html...
Websitebaker XSS Vulnerability
Exploit for php platform in category web applications...
WordPress 2.8.3 RCE
Remote command execution vulnerability in WordPress. Vulnerability Type: Remote Command Execution. For the exploit source code contact DSquare Security sales team...