Lucene search
K

5 matches found

Circl
Circl
added 2024/06/22 9:27 a.m.6 views

CVE-2018-6195

creationtimestamp| type| source ---|---|--- 2024-06-22 09:27:44+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/33...

7.2CVSS7AI score0.03741EPSS
Exploits2References1
OSV
OSV
added 2018/01/30 8:29 p.m.3 views

CVE-2018-6195

admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin wp-splashing-images before 2.1.1 for WordPress allows authenticated administrator, editor, or author remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the 'session' HTTP GET parameter t...

7.2CVSS5.8AI score0.03741EPSS
Exploits2References4
Cvelist
Cvelist
added 2018/01/30 8:0 p.m.27 views

CVE-2018-6195

admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin wp-splashing-images before 2.1.1 for WordPress allows authenticated administrator, editor, or author remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the 'session' HTTP GET parameter t...

7.2AI score0.03741EPSS
Exploits2References4
CVE
CVE
added 2018/01/30 8:0 p.m.43 views

CVE-2018-6195

CVE-2018-6195 affects the WordPress plugin wp-splashing-images prior to 2.1.1. An authenticated user (administrator, editor, or author) can exploit PHP Object Injection by sending crafted serialized data in the session parameter to wp-admin/upload.php, allowing remote code execution-like impact. ...

7.2CVSS7.1AI score0.03741EPSS
Exploits2References4Affected Software1
Packet Storm
Packet Storm
added 2018/01/26 12:0 a.m.51 views

WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection

Product: WordPress Splashing Images Plugin - https://wordpress.org/plugins/wp-splashing-images/ Vendor: Studio Espresso Tested version: 2.1 CVE ID: CVE-2018-6194 :: CVE description :: A cross-site scripting XSS vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the...

5.9AI score0.03741EPSS
Exploits3
Rows per page
Query Builder