CVE-2017-20266

CVE-2017-20266 affects Joomla SP Movie Database 1.3. The issue is an SQL injection in the searchword parameter of the searchresults view, enabling unauthenticated attackers to execute arbitrary SQL queries and extract sensitive database information via crafted GET requests. No remediation or expl...

CVE-2016-20078

WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion (LFI) vulnerability in pic.php that allows unauthenticated attackers to read arbitrary files via directory traversal in the URL. The impact includes potential exposure of sensitive data such as wp-config.php. CVSS metrics present...

CVE-2016-20078 WordPress IMDb Profile Widget 1.0.8 Local File Inclusion via pic.php

WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like...

EUVD-2024-40192

Malicious code in bioql PyPI...

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11...

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

CVE-2024-43300 WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

CVE-2024-43300

CVE-2024-43300 corresponds to a Stored XSS in the WordPress Movie Database plugin (versions n/a through 1.0.11). The vulnerability stems from improper input neutralization during web page generation, allowing malicious scripts to be stored and executed. Affected product: WordPress Movie Database ...

CVE-2024-43300 WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

WordPress plugin Movie Database 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by FX Patchstack in WordPress Plugin Movie Database versions = 1.0.11...

WordPress Movie Database Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Movie Database Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43300 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d8991f93ba12 Credits FX Required privilege Administrator...

WordPress Plugin Shortcode IMDB 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress plugin IMDB info box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress IMDB info box plugin has a cross-site scripting vulnerability that stems from failure to clean and...

Joomla SP Movie Database 1.4 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SP Movie Database - SQL Injection Vulnerability Google Dork: inurl:option=comspmoviedb Date: 29.12.2017 Author: pwny Source Component : https://extensions.joomla.org/extension/sp-movie-database/ Version : 1.4 Tested on: Kali Lin...

Joomla SP Movie Database 1.4 SQL Injection

Exploit Title: SP Movie Database - SQL Injection Vulnerability Google Dork: inurl:option=comspmoviedb Date: 29.12.2017 Author: pwny Source Component : https://extensions.joomla.org/extension/sp-movie-database/ Version : 1.4 Tested on: Kali Linux proof : https://ibb.co/cjdiZw Search Form in Home...

SP Movie Database 1.3, SQL Injection

SP Movie Database version 1.3 by joomshaper.com, SQL Injection resolution: update to version 1.4 update notice: https://www.joomshaper.com/forums/sp-movie-database-component-updated-with-security-and-other-fixes...

Joomla SP Movie Database 1.3 SQL Injection

Exploit Title: Joomla! Component SP Movie Database 1.3 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage: http://joomshaper.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/directory/sp-movie-database/ Demo:...

Joomla SP Movie Database 1.3 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component SP Movie Database 1.3 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage: http://joomshaper.com/ Software Link:...