Lucene search
+L

101 matches found

OpenVAS
OpenVAS
added 2017/02/03 12:0 a.m.30 views

Debian Security Advisory DSA 3779-1 (wordpress - security update)

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims OpenVAS Vulnerability Test $Id: deb3779.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3779-1 using nvtgen 1.0 Script version: 1.0 Author:...

7.5CVSS0.3AI score0.09933EPSS
Exploits0References1
Debian
Debian
added 2017/02/01 8:2 a.m.39 views

[SECURITY] [DLA 813-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u13 CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 Debian Bug : 851310 852767 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common...

9.8CVSS9.7AI score0.09933EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/17 12:0 a.m.33 views

WordPress < 4.7.1 Multiple Vulnerabilities

Binary data 9894.prm...

8.8CVSS7.4AI score0.87095EPSS
Exploits7References8
OSV
OSV
added 2017/01/15 2:59 a.m.16 views

CVE-2017-5489

Cross-site request forgery CSRF vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload...

8.8CVSS7.2AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/01/15 2:59 a.m.21 views

CVE-2017-5489

Cross-site request forgery CSRF vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload...

8.8CVSS7.2AI score0.01332EPSS
Exploits0References6
CVE
CVE
added 2017/01/15 2:0 a.m.119 views

CVE-2017-5489

CVE-2017-5489 affects WordPress before 4.7.1. It is a CSRF vulnerability that allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload. The impact is the hijack of user authentication with potential for unauthorized actions. WordPress p...

8.8CVSS7.3AI score0.01332EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2017/01/15 2:0 a.m.15 views

CVE-2017-5489

Cross-site request forgery CSRF vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload...

8.8CVSS9AI score0.01332EPSS
Exploits0
ArchLinux
ArchLinux
added 2017/01/15 12:0 a.m.58 views

[ASA-201701-22] wordpress: multiple issues

Arch Linux Security Advisory ASA-201701-22 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-10033 CVE-2016-10045 CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 Package : wordpress Type : multiple issue...

9.8CVSS2.2AI score0.99714EPSS
Exploits66References22
CVE
CVE
added 2016/10/25 2:0 p.m.37 views

CVE-2016-5489

CVE-2016-5489 is an unspecified vulnerability in the Oracle iStore component of Oracle E-Business Suite (versions 12.1.1–12.1.3, 12.2.3, 12.2.4) affecting the Runtime Catalog subcomponent. The issue allows remote attackers to impact confidentiality and integrity via Runtime Catalog related vector...

8.2CVSS7.6AI score0.02244EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2015/08/18 5:59 p.m.13 views

CVE-2015-5489

Cross-site scripting XSS vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors involving the field settings form...

3.5CVSS5.3AI score0.00954EPSS
Exploits0References3
CVE
CVE
added 2015/08/18 5:0 p.m.54 views

CVE-2015-5489

The Drupal Smart Trim module (7.x-1.x) is affected by an XSS vulnerability in versions prior to 7.x-1.5 due to insufficient input filtering in the field settings form. This allows remote authenticated users with certain permissions to inject arbitrary script/HTML. Impact is partial integrity loss...

3.5CVSS5.4AI score0.00954EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/08/18 5:0 p.m.18 views

CVE-2015-5489

Cross-site scripting XSS vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors involving the field settings form...

5.3AI score0.00954EPSS
Exploits0References3
CVE
CVE
added 2014/09/30 2:0 p.m.84 views

CVE-2012-5489

CVE-2012-5489 affects Zope’s App.Undo.UndoSupport.get_request_var_or_attr in Zope versions before 2.12.21 and 3.13.x before 2.13.11, used by Plone before 4.2.3 and 4.3 before beta 1. The root cause is insufficient access control on restricted attributes, allowing remote authenticated users to acc...

6.5CVSS6.5AI score0.01272EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2013/09/13 10:0 a.m.40 views

CVE-2013-5489

The CVE-2013-5489 entry concerns Cisco SocialMiner gadgets that do not properly restrict the content of GET requests, allowing an unauthenticated, remote attacker to obtain sensitive information by reading web-server access logs, web-server Referer logs, or the browser history. The issue arises f...

5CVSS6.3AI score0.01354EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/01/13 12:0 a.m.35 views

SuSE 11.1 Security Update : libxml2 (SAT Patch Number 5489)

Specially crafted XPath expressions could have allowed attackers to cause a denial of service or possibly have unspecified other impact CVE-2011-2821 / CVE-2011-2834. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

7.5CVSS8.2AI score0.02129EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/12/12 4:0 p.m.24 views

CVE-2008-5489

SQL injection vulnerability in channeldetail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter...

8.4AI score0.01154EPSS
Exploits1References6
CVE
CVE
added 2008/12/12 4:0 p.m.43 views

CVE-2008-5489

CVE-2008-5489 describes an SQL injection in ClipShare Pro 4 (and 2006–2007) via the chid parameter in channel_detail.php, allowing remote arbitrary SQL execution. Affected software: ClipShare Pro 4 (2006–2007). Root cause: unsanitized/chid parameter leading to injection. Impact: enables arbitrary...

7.5CVSS8.4AI score0.01154EPSS
Exploits1References6Affected Software1
Circl
Circl
added 2008/11/15 12:0 a.m.5 views

CVE-2008-5489

creationtimestamp| type| source ---|---|--- 2008-11-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7128 2013-03-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24894...

7.5CVSS5.8AI score0.01154EPSS
Exploits1References2
CVE
CVE
added 2006/10/25 10:0 a.m.48 views

CVE-2006-5489

The CVE-2006-5489 entry affects Research in Motion BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino . The issue allows attackers with meeting organizer privileges to trigger a denial of service (application hang) by manipulating a deleted recurrent meeting instance when c...

5CVSS6.6AI score0.01461EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.24 views

CVE-2025-5489

...

Exploits0
Rows per page
Query Builder