41 matches found
CVE-2022-1692
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...
Sql injection
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...
WordPress plugin CP Image Store with Slideshow SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress plugin CP Image Store with Slideshow version 1.0.68 has a SQL injection...
CVE-2022-1692 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...
CVE-2022-1692
The CVE-2022-1692 issue affects the WordPress plugin CP Image Store with Slideshow prior to 1.0.68. The vulnerability arises from failing to sanitize and escape the ordering_by query parameter before it is used in a SQL statement on pages embedding [codepeople-image-store], enabling unauthenticat...
PT-2022-14050
Name of the Vulnerable Software and Affected Versions CP Image Store with Slideshow WordPress plugin versions prior to 1.0.68 Description The issue allows unauthenticated users to perform an SQL injection attack due to the lack of sanitization and escaping of the ordering by query parameter in SQ...
WordPress CP Image Store with Slideshow plugin <= 1.0.67 - Unauthenticated SQL Injection (SQLi) vulnerability
Unauthenticated SQL Injection SQLi vulnerability was discovered by Daniel Krohmer Fraunhofer IESE, Germany and Shi Chen University of Kaiserslautern, Germany in the WordPress CP Image Store with Slideshow plugin versions = 1.0.67. Solution Update the WordPress CP Image Store with Slideshow plugin...
CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack PoC On a page where the codepeople-image-store is embed, append the...
CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack On a page where the codepeople-image-store is embed, append the following...
WordPress CP Image Store with Slideshow Plugin <= 1.0.6 - Purchase ID Brute Force Prevention
This plugin is prone to a purchase id brute force prevention vulnerability. Solution Update the plugin...
Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/...
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage:...
WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download
CP Image Store with Slideshow plugin is prone to an arbitrary file download vulnerability via "cp-image-store.php". It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Update the plugin...
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download
Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/ Software Link:...
Image Store Remote file Upload Vulnerability
No description provided by source. ============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...
Wordpress Plugins - image-store Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------------- Wordpress Plugins - image-store Arbitrary File Upload Vulnerability -------------------------------------------------------------------------------- Author =...
PHPAuctionSystem registration file upload vulnerability-vulnerability warning-the black bar safety net
·PHPAuctionSystem registration file upload vulnerability PHPAuctionSystem registered members sign in the presence of arbitrary file upload vulnerability. Step 1: register as a user:) Step 2: Go to the/visit the sell item option Demo URL: http:// www.hack58.com/ selectcategory.php it? Step 3: Uplo...
Image Store 1.0 Shell Upload
============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...
Image Store Remote file Upload Vulnerability
Exploit for php platform in category web applications ============================================ Image Store Remote file Upload Vulnerability ============================================ Name: Image Store V 1.0 Date: 09-06-2010 vendor: http://www.scriptidea.net/imagestore/ Price: $199.00...
Image Store - Arbitrary File Upload
Image Store - Arbitrary File Upload ============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...