WordPress Plugin cnhk-Slideshow - Arbitrary File Upload

source: https://www.securityfocus.com/bid/67469/info The cnhk-slideshow plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to...

WordPress Cnhk Slideshow Plugin - Arbitrary File Upload

Cnhk Slideshow plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer. Solution Update the plugin...

CVE-2013-1759

Cross-site scripting XSS vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field...

Cross site scripting

Cross-site scripting XSS vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field...

CVE-2013-1759

Cross-site scripting XSS vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field...

WordPress Responsive Logo Slideshow Cross Site Scripting

Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/ CVE Assigned - CVE-2013-1759...

Wordpress plugin wp-homepage-slideshow Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Wordpress Plugins - wp superb Slideshow Full Path Disclosure

the attacker can use this bug for get Important information 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1...

[waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin

waraxe-2012-SA092 - Multiple Vulnerabilities in Wordpress Slideshow Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-92.html Description of vulnerab...

WordPress Slideshow Plugin <= 2.1.12 Multiple Vulnerabilities - Active Check

WordPress Slideshow Plugin is prone to multiple cross-site scripting XSS and full path disclosure vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure

waraxe-2012-SA092 - Multiple Vulnerabilities in Wordpress Slideshow Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-92.html Description of vulnerab...

WordPress Slideshow Plugin - Multiple Cross Site Scripting Vulnerabilities

WordPress Slideshow plugin is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. In that way, an attacker can steal cookie-based authentication...

WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/56090/info The Slideshow plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure

Exploit for php platform in category web applications Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-92.html Description of vulnerable target: Slideshow provides an easy way to integrate a slideshow for any WordPress installation. An...

WordPress Slideshow Plugin - Multiple Cross Site Scripting Vulnerabilities

WordPress Slideshow plugin is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. In that way, an attacker can steal cookie-based authentication...

WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/56090/info The Slideshow plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

CVE-2012-5229

Cross-site scripting XSS vulnerability in css/gallery-css.php in the Slideshow Gallery2 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the border parameter...

CVE-2012-5229

Cross-site scripting XSS vulnerability in css/gallery-css.php in the Slideshow Gallery2 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the border parameter...

CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

Code injection

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...