WordPress plugin cformsII 'lib_nonajax.php' arbitrary file upload vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An arbitrary file upload vulnerability exists in the WordPress plugin cformsII 'libnonajax.php' because the application fails...

Cforms & CformsII <= 14.7 - Remote Code Execution via Unauthorised File Upload

...

WordPress Plugin cformsII 'lib_ajax.php' Multiple HTML Injection Vulnerabilities

cformsII WordPress Plugin is prone to multiple HTML injection vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

cformsII Plugin for WordPress 'rs' Parameter XSS

The version of the cformsII plugin for WordPress hosted on the remote web server fails to sanitize user-supplied input to the 'rs' parameter of the 'libajax.php' script before using it to generate dynamic HTML output. An attacker can leverage this issue to inject arbitrary HTML or script code int...

WordPress cformsII plugin rs and rsargs parameters to a script injection vulnerability and fix-vulnerability warning-the black bar safety net

Affected version: Nicole Stich cformsII 11.5 Vulnerability description: WordPress is a Free Forum Blog system. WordPress using cformsII plugin does not properly filter user submitted to the wp-content/plugins/cforms /libajax. php page of the rs and rsargs parameters will be displayed to the user...

WordPress cformsII插件rs和rsargs参数脚本注入漏洞

BUGTRAQ ID: 44587 CVE ID: CVE-2010-3977 WordPress是一款免费的论坛Blog系统。 WordPress所使用的cformsII插件没有正确的过滤用户提交给wp-content/plugins/cforms /libajax.php页面的rs和rsargs参数便显示给了用户。攻击者可以通过提交恶意的POST请求来利用这个漏洞，当用户查看生成页面时就会导致执行所注入的代码。 Nicole Stich cformsII 11.5 厂商补丁： Nicole Stich ------------...

WordPress Plugin cformsII 11.513.1 - lib_ajax.php Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin cformsII 11.513.1 - libajax.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44587/info The cformsII plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input...

WordPress Plugin cformsII 11.5/13.1 - &#039;lib_ajax.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44587/info The cformsII plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

WordPress CformsII Plugin 11.5 / 13.1 - Multiple Cross-Site Scripting Vulnerabilities

CformsII plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication...