Lucene search
K

151 matches found

CNVD
CNVD
added 2019/08/27 12:0 a.m.3 views

WordPress crafty-social-buttons plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. crafty-social-buttons is a plugin for adding links to social networking sites. A cross-site scripting vulnerability exists in the...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 8:15 p.m.18 views

CVE-2017-18578

The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References1
OSV
OSV
added 2019/08/22 8:15 p.m.4 views

CVE-2017-18578

The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS...

6.1CVSS5.8AI score0.00905EPSS
Exploits0References1
CVE
CVE
added 2019/08/22 7:43 p.m.56 views

CVE-2017-18578

The CVE-2017-18578 issue affects the WordPress plugin Crafty Social Buttons, specifically versions prior to 1.5.8. The vulnerability is a Cross-Site Scripting (XSS) flaw in the plugin, enabling client-side code execution. Public sources (Red Hat, CNVD/CVE records, and WP vulnerability discussions...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/22 7:43 p.m.15 views

CVE-2017-18578

The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS...

6.4AI score0.00905EPSS
Exploits0References1
NVD
NVD
added 2018/07/30 4:29 p.m.20 views

CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5CVSS7.2AI score0.03196EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2017/05/12 12:0 a.m.17 views

Crafty Social Buttons < 1.5.8 - XSS

The Crafty Social Buttons WordPress plugin was affected by a XSS security vulnerability...

4.3CVSS2.7AI score0.00905EPSS
Exploits0Affected Software1
Prion
Prion
added 2017/01/19 8:59 p.m.15 views

Design/Logic Flaw

Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call...

7.2CVSS7.6AI score0.0035EPSS
Exploits0References3Affected Software1
hackapp
hackapp
added 2016/04/01 9:59 a.m.8 views

Crafty Candy - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Crafty Candy published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:44 a.m.12 views

Crafty World Exploration - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Crafty World Exploration published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
OSV
OSV
added 2015/02/12 4:59 p.m.4 views

CVE-2015-1345

The bmexectrans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option...

5.9AI score
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Crafty Syntax Live Help 2.9.9 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20711/info Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln

No description provided by source. Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Crafty Syntax Live Help 2.14.6 'livehelp_js.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2013/04/19 12:0 a.m.13 views

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/19 12:0 a.m.16 views

Crafty Syntax Live Help RFI / Path Disclosure

Exploit Title : Crafty Syntax Live Help = 2.. & 3.. RFI + Path Disclosure Date : 4/19/2013 Author : ITTIHACK Home : http://ittihack.com Vendor : http://www.craftysyntax.com Download : http://www.craftysyntax.com/craftysyntax3.4.1.zip Version : 2. and 3. , All versions Category : webapps Google do...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/04/19 12:0 a.m.25 views

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure

source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to obtain sensitive...

7.4AI score
Exploits0
AlpineLinux
AlpineLinux
added 2012/07/13 10:0 a.m.38 views

CVE-2012-2812

The exifentrygetvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service out-of-bounds read or possibly obtain sensitive information from process memory via crafted EXIF tags in an image...

6.4CVSS6.7AI score0.03859EPSS
Exploits0
NVD
NVD
added 2011/09/23 11:55 p.m.21 views

CVE-2011-3723

Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by READMEFILES/livehelp.php and certain other files...

5CVSS6.1AI score0.01335EPSS
Exploits1References3
Rows per page
Query Builder