532 matches found
CVE-2015-3348
CVE-2015-3348 concerns the Cloudwords for Multilingual Drupal module (Drupal 7.x) prior to 7.x-2.3. The vulnerability is an XSS flaw where remote authenticated users can inject arbitrary script/HTML via a node title due to insufficient sanitization. Affected software: Cloudwords for Multilingual ...
Unspecified Vulnerability in WordPress Plugin WPML
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WPML is one of the multi-language plug-ins. A security vulnerability exists in the WordPress WPML plugin prior to...
CVE-2015-2791
The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php...
CVE-2015-2791
CVE-2015-2791 affects the WordPress WPML plugin prior to 3.1.9. The vulnerability is in the plugin’s menu sync function and allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php. The evidence base also notes bro...
WordPress WPML Plugin <= 3.1.8 - Multiple Vulnerabilities
This WordPress Multilingual plugin is prone to SQL injection, missing authentication, page/post/menu deletion and reflected XSS vulnerabilities. Solution Update the plugin...
WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)
The sitepress-multilingual-cms WordPress plugin was affected by a Multiple Vulnerabilities Including SQLi security vulnerability...
[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
SA-CONTRIB-2015-006 - Cloudwords for Multilingual Drupal - Multiple vulnerabilities
This module provides integration with the Cloudwords third-party service. The module was not sanitizing node titles on certain conditions, thereby leading to a Cross Site Scripting XSS vulnerability. Also, a menu callback was not protected against CSRF. The XSS vulnerability is mitigated by the...
[SECURITY] Fedora 20 Update: roundcubemail-1.0.4-2.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
PWGen - Generator of cryptographically-strong passwords
PWGen is a professional password generator capable of creating large amounts of cryptographically-secure passwords or passphrases consisting of words from a word list. It uses a “random pool ” technique to generate random data based on user inputs keystrokes, mouse handling and volatile system...
Knews 1.1.0 - wysiwyg/fontpicker/index.php ff Parameter XSS
The Knews Multilingual Newsletters WordPress plugin was affected by a wysiwyg/fontpicker/index.php ff Parameter XSS security vulnerability...
Knews 1.2.5 - Multilingual Newsletters Cross-Site Request Forgery
The Knews Multilingual Newsletters WordPress plugin was affected by a Multilingual Newsletters Cross-Site Request Forgery security vulnerability...
Hotel / Resort Site Script with OnLine Reservation System
No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Hotel / Resort Site Script with OnLine Reservation System SQLi Vulnerable Published: 2010-06-08 Vendor url:http://www.mformula.com.br Greetz to:Sid3^effects, aaNumb, M4n0j and to all ICW members...
Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability
No description provided by source. |--Glossword 1.8.11 LFI |--CMS INFORMATION: | |--WEB: http://code.google.com/p/glossword/ |--DOWNLOAD: http://code.google.com/p/glossword/downloads/list |--DESCRIPTION: Glossword is a system written in PHP to create and publish online multilingual dictionary,...
Joomla com_autartimonial Sqli Vulnerability
No description provided by source. Name : Joomla comautartimonial Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://www.autartica.be/ Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...
Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
No description provided by source. +Title Allpc 2.5 osCommerce SQL-i/XSS Multiple Vulnerabilities +Author RoAdKiLlEr +Contact RoAdKiLlEratKhg-CrewdotWs +Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- Founded by RoAdKiLlEr Team: Albanian Hacking...
B-Hind CMS (tiny_mce) Remote File Upload
No description provided by source. Title: B-Hind CMS tinymce Remote File Upload Vendor: http://www.b-hind.eu/ AUTHOR: innrwrld & h00die DESCRIPTION by vendor: B-interference Lite is a simple CMS for small websites. Ideal for local merchants or organizations. The content of page can be adjusted by...
OWASP Mantra Security Toolkit - Browser Based Security Framework
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source...
[SECURITY] Fedora 20 Update: roundcubemail-0.9.5-1.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Fedora Update for roundcubemail FEDORA-2013-16192
Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-16192 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...