Lucene search
K

564 matches found

htbridge
htbridge
added 2011/02/15 12:0 a.m.50 views

Installation Path Disclosure Weakness in NextGEN Gallery wordpress plugin

High-Tech Bridge SA Security Research Lab has discovered a weakness in NextGEN Gallery wordpress plugin which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in NextGEN Gallery wordpress plugin The weakness exists due to application...

5CVSS6.9AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2010/08/03 12:0 a.m.10 views

WordPress NextGEN Smooth Gallery Plugin 0.12 - Blind SQL Injection Vulnerability

This NextGEN Smooth Gallery plugin is prone to an SQL injection vulnerability. It fails to clean up user's data before using it in an SQL query. Also, this plugin allows an attacker to compromise the access, application, modify data or exploit hidden vulnerabilities in the underlying database...

2.7AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2010/08/03 12:0 a.m.25 views

WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================================== WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability ================================================================== WordPress NextGEN Smooth Gallery BLIND SQL...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/03 12:0 a.m.32 views

WordPress NextGEN Smooth Gallery Blind SQL Injection

WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download : http://downloads.wordpress.org/plugin/nextgen-smooth-gallery.1.2.zip + version : 1.2 or lower maybe also...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2010/08/03 12:0 a.m.20 views

WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection

WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download :...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/03 12:0 a.m.40 views

WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection

WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download : http://downloads.wordpress.org/plugin/nextgen-smooth-gallery.1.2.zip + version : 1.2 or lower maybe also...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/04/09 12:0 a.m.30 views

WordPress NextGEN Gallery插件mode参数跨站脚本漏洞

BUGTRAQ ID: 39250 CVE ID: CVE-2010-1186 WordPress是一款免费的论坛Blog系统。 WordPress所使用的NextGEN Gallery图形库插件没有正确地转义提交给media-rss.php脚本的mode参数: /----- $mode = $GET"mode"; - -----/ 如果没有选择正确的mode,该参数就被返回给用户: /----- else header'content-type:text/plain;charset=utf-8'; echo sprintf"Invalid MediaRSS command...

4.3CVSS1AI score0.04727EPSS
Exploits6
Prion
Prion
added 2010/04/07 3:30 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...

4.3CVSS6.2AI score0.04727EPSS
Exploits6References7Affected Software1
NVD
NVD
added 2010/04/07 3:30 p.m.29 views

CVE-2010-1186

Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...

4.3CVSS5.7AI score0.04727EPSS
Exploits6References7
Cvelist
Cvelist
added 2010/04/07 3:0 p.m.34 views

CVE-2010-1186

Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...

5.7AI score0.04727EPSS
Exploits6References7
CVE
CVE
added 2010/04/07 3:0 p.m.63 views

CVE-2010-1186

The CVE-2010-1186 entry documents a Cross-Site Scripting (XSS) vulnerability in the NextGEN Gallery WordPress plugin. Affected component: xml/media-rss.php; vulnerable until version 1.5.2 where the mode parameter is reflected without proper escaping, enabling remote attackers to inject arbitrary ...

4.3CVSS5.7AI score0.04727EPSS
Exploits6References7Affected Software1
Packet Storm
Packet Storm
added 2010/04/07 12:0 a.m.53 views

Core Security Technologies Advisory 2010.0323

XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL: http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update...

4.3CVSS0.4AI score0.04727EPSS
Exploits6
exploitpack
exploitpack
added 2010/04/06 12:0 a.m.49 views

WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting

WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:...

4.3CVSS0.1AI score0.04727EPSS
Exploits6
Patchstack
Patchstack
added 2010/04/06 12:0 a.m.22 views

WordPress NextGEN Gallery Plugin <= 1.5.1 - XSS Vulnerability

This NextGEN Gallery plugin is prone to a cross-site scripting vulnerability. It is really popular plugin for the WordPress content management system, usually found as a blogging platform. The vulnerability manipulates the mode parameter of the xml/media-rss.php script and it results that...

4.3CVSS1.2AI score0.04727EPSS
Exploits6Affected Software1
Core Security
Core Security
added 2010/04/06 12:0 a.m.25 views

XSS Vulnerability in NextGEN Gallery Wordpress Plugin

Advisory ID Internal CORE-2010-0323 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update: 2010-03-25 Vendor...

4.3CVSS6.4AI score0.04727EPSS
Exploits6
Exploit DB
Exploit DB
added 2010/04/06 12:0 a.m.70 views

WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting

XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL: http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update...

4.3CVSS6.4AI score0.04727EPSS
Exploits6
NVD
NVD
added 2009/09/08 10:30 a.m.21 views

CVE-2008-7175

Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...

4.3CVSS5.8AI score0.01467EPSS
Exploits0References2
Prion
Prion
added 2009/09/08 10:30 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...

4.3CVSS6.2AI score0.01467EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2009/09/08 10:0 a.m.27 views

CVE-2008-7175

Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...

5.8AI score0.01467EPSS
Exploits0References2
CVE
CVE
added 2009/09/08 10:0 a.m.47 views

CVE-2008-7175

The CVE refers to a cross-site scripting (XSS) vulnerability in the WordPress NextGEN Gallery plugin (

4.3CVSS5.9AI score0.01467EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder