564 matches found
Installation Path Disclosure Weakness in NextGEN Gallery wordpress plugin
High-Tech Bridge SA Security Research Lab has discovered a weakness in NextGEN Gallery wordpress plugin which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in NextGEN Gallery wordpress plugin The weakness exists due to application...
WordPress NextGEN Smooth Gallery Plugin 0.12 - Blind SQL Injection Vulnerability
This NextGEN Smooth Gallery plugin is prone to an SQL injection vulnerability. It fails to clean up user's data before using it in an SQL query. Also, this plugin allows an attacker to compromise the access, application, modify data or exploit hidden vulnerabilities in the underlying database...
WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability
Exploit for php platform in category web applications ================================================================== WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability ================================================================== WordPress NextGEN Smooth Gallery BLIND SQL...
WordPress NextGEN Smooth Gallery Blind SQL Injection
WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download : http://downloads.wordpress.org/plugin/nextgen-smooth-gallery.1.2.zip + version : 1.2 or lower maybe also...
WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection
WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download :...
WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection
WordPress NextGEN Smooth Gallery BLIND SQL injection Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : 03 August, 2010 Software Information + Download : http://downloads.wordpress.org/plugin/nextgen-smooth-gallery.1.2.zip + version : 1.2 or lower maybe also...
WordPress NextGEN Gallery插件mode参数跨站脚本漏洞
BUGTRAQ ID: 39250 CVE ID: CVE-2010-1186 WordPress是一款免费的论坛Blog系统。 WordPress所使用的NextGEN Gallery图形库插件没有正确地转义提交给media-rss.php脚本的mode参数: /----- $mode = $GET"mode"; - -----/ 如果没有选择正确的mode,该参数就被返回给用户: /----- else header'content-type:text/plain;charset=utf-8'; echo sprintf"Invalid MediaRSS command...
Cross site scripting
Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2010-1186
Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2010-1186
Cross-site scripting XSS vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2010-1186
The CVE-2010-1186 entry documents a Cross-Site Scripting (XSS) vulnerability in the NextGEN Gallery WordPress plugin. Affected component: xml/media-rss.php; vulnerable until version 1.5.2 where the mode parameter is reflected without proper escaping, enabling remote attackers to inject arbitrary ...
Core Security Technologies Advisory 2010.0323
XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL: http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update...
WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting
WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:...
WordPress NextGEN Gallery Plugin <= 1.5.1 - XSS Vulnerability
This NextGEN Gallery plugin is prone to a cross-site scripting vulnerability. It is really popular plugin for the WordPress content management system, usually found as a blogging platform. The vulnerability manipulates the mode parameter of the xml/media-rss.php script and it results that...
XSS Vulnerability in NextGEN Gallery Wordpress Plugin
Advisory ID Internal CORE-2010-0323 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update: 2010-03-25 Vendor...
WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting
XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL: http://www.coresecurity.com/content/nextgen-gallery-xss-vulnerability Date published: 2010-04-06 Date of last update...
CVE-2008-7175
Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...
Cross site scripting
Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...
CVE-2008-7175
Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...
CVE-2008-7175
The CVE refers to a cross-site scripting (XSS) vulnerability in the WordPress NextGEN Gallery plugin (