Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2013-0285)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.08749EPSS
Exploits8References5
Mageia
Mageia
added 2013/09/19 9:45 a.m.50 views

Updated wordpress and php-phpmailer packages fix security vulnerabilities

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations CVE-2013-4338. WordPress before 3.6.1 does not properly validate URLs before...

7.5CVSS4.6AI score0.08749EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2013/09/15 12:0 a.m.48 views

Debian DSA-2757-1 : wordpress - several vulnerabilities

Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...

7.5CVSS5.5AI score0.08749EPSS
Exploits8References14
Debian
Debian
added 2013/09/14 9:13 a.m.51 views

[SECURITY] [DSA 2757-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2757-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 14, 2013 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.08749EPSS
Exploits8
OpenVAS
OpenVAS
added 2013/09/14 12:0 a.m.31 views

Debian Security Advisory DSA 2757-1 (wordpress - several vulnerabilities)

Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...

7.5CVSS0.08749EPSS
Exploits8References1
OSV
OSV
added 2013/09/14 12:0 a.m.33 views

DSA-2757-1 wordpress - several

Bulletin has no description...

7.5CVSS6AI score0.08749EPSS
Exploits8
OSV
OSV
added 2013/09/12 1:30 p.m.8 views

CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

5.1AI score
Exploits0References6
OSV
OSV
added 2013/09/12 1:30 p.m.3 views

UBUNTU-CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

4.3CVSS5.7AI score0.02361EPSS
Exploits1References5
CVE
CVE
added 2013/09/12 10:0 a.m.83 views

CVE-2013-5738

WordPress up to version 3.6.0 is affected by CVEs-2013-5738 and -5739. The vulnerability stems from wp-includes/functions.php:get_allowed_mime_types, which does not require the unfiltered_html capability for .htm/.html uploads, potentially enabling remote authenticated users to trigger XSS via a ...

4.3CVSS5.1AI score0.02361EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder