Lucene search
K

41 matches found

ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.5 views

CVE-2022-1692

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...

9.8CVSS7.4AI score0.1036EPSS
Exploits2References3
Prion
Prion
added 2022/06/08 10:15 a.m.18 views

Sql injection

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...

7.5CVSS9.7AI score0.1036EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.3 views

WordPress plugin CP Image Store with Slideshow SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress plugin CP Image Store with Slideshow version 1.0.68 has a SQL injection...

9.8CVSS6AI score0.1036EPSS
Exploits2References3
Cvelist
Cvelist
added 2022/06/06 8:51 a.m.23 views

CVE-2022-1692 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...

10AI score0.1036EPSS
Exploits2References2
CVE
CVE
added 2022/06/06 8:51 a.m.82 views

CVE-2022-1692

The CVE-2022-1692 issue affects the WordPress plugin CP Image Store with Slideshow prior to 1.0.68. The vulnerability arises from failing to sanitize and escape the ordering_by query parameter before it is used in a SQL statement on pages embedding [codepeople-image-store], enabling unauthenticat...

9.8CVSS9.8AI score0.1036EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/06 12:0 a.m.6 views

PT-2022-14050

Name of the Vulnerable Software and Affected Versions CP Image Store with Slideshow WordPress plugin versions prior to 1.0.68 Description The issue allows unauthenticated users to perform an SQL injection attack due to the lack of sanitization and escaping of the ordering by query parameter in SQ...

9.8CVSS7.3AI score0.1036EPSS
Exploits2References6
Patchstack
Patchstack
added 2022/05/12 12:0 a.m.30 views

WordPress CP Image Store with Slideshow plugin <= 1.0.67 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability was discovered by Daniel Krohmer Fraunhofer IESE, Germany and Shi Chen University of Kaiserslautern, Germany in the WordPress CP Image Store with Slideshow plugin versions = 1.0.67. Solution Update the WordPress CP Image Store with Slideshow plugin...

9.8CVSS3.4AI score0.1036EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/09 12:0 a.m.22 views

CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack PoC On a page where the codepeople-image-store is embed, append the...

9.8CVSS0.9AI score0.1036EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/05/09 12:0 a.m.135 views

CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack On a page where the codepeople-image-store is embed, append the following...

9.8CVSS1.6AI score0.1036EPSS
Exploits2References1
Patchstack
Patchstack
added 2015/07/13 12:0 a.m.10 views

WordPress CP Image Store with Slideshow Plugin <= 1.0.6 - Purchase ID Brute Force Prevention

This plugin is prone to a purchase id brute force prevention vulnerability. Solution Update the plugin...

2AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2015/07/11 12:0 a.m.41 views

Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/07/10 12:0 a.m.17 views

WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download

WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage:...

7.3AI score
Exploits0
Patchstack
Patchstack
added 2015/07/10 12:0 a.m.10 views

WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download

CP Image Store with Slideshow plugin is prone to an arbitrary file download vulnerability via "cp-image-store.php". It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Update the plugin...

3.7AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2015/07/10 12:0 a.m.28 views

WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download

Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/ Software Link:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Image Store Remote file Upload Vulnerability

No description provided by source. ============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/11/30 12:0 a.m.25 views

Wordpress Plugins - image-store Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------------- Wordpress Plugins - image-store Arbitrary File Upload Vulnerability -------------------------------------------------------------------------------- Author =...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/06/22 12:0 a.m.17 views

PHPAuctionSystem registration file upload vulnerability-vulnerability warning-the black bar safety net

·PHPAuctionSystem registration file upload vulnerability PHPAuctionSystem registered members sign in the presence of arbitrary file upload vulnerability. Step 1: register as a user:) Step 2: Go to the/visit the sell item option Demo URL: http:// www.hack58.com/ selectcategory.php it? Step 3: Uplo...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/09 12:0 a.m.34 views

Image Store 1.0 Shell Upload

============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/06/09 12:0 a.m.30 views

Image Store Remote file Upload Vulnerability

Exploit for php platform in category web applications ============================================ Image Store Remote file Upload Vulnerability ============================================ Name: Image Store V 1.0 Date: 09-06-2010 vendor: http://www.scriptidea.net/imagestore/ Price: $199.00...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/06/08 12:0 a.m.19 views

Image Store - Arbitrary File Upload

Image Store - Arbitrary File Upload ============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...

0.4AI score
Exploits0
Rows per page
Query Builder