911 matches found
Slideshow: How to Avoid Getting Hacked While Traveling
Researcher Justin Morehouse has logged more than 100,000 miles to eight countries in the last year. His message: business travelers are at greater risk of being hacked than ever before, especially when it comes to smart phones and tablets...
SA-CONTRIB-2012-041 - Fancy Slide - Cross Site Scripting (XSS)
CVE: CVE-2012-2068 This module enables you to create slideshow blocks to embed into templates. The module doesn't sufficiently filter user supplied text. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer fancyslide". Versions affected...
Wordpress Rekt Slideshow 1.0.5 File Upload
File upload vulnerability in Wordpress Rekt Slideshow plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
WordPress Plugin Slideshow Gallery 1.1.x - border Cross-Site Scripting
WordPress Plugin Slideshow Gallery 1.1.x - border Cross-Site Scripting source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this iss...
WordPress Slideshow Gallery 2 Cross Site Scripting
Exploit Title: Wordpress Slideshow Gallery 2 Cross Site Scripting Exploit Date: 26 January 2011 Author: Bret Hawk Software Link: http://wordpress.org/extend/plugins/slideshow-gallery-2/ Version: 2xxx and Prior Tested on: Linux Unix The Wordpress slideshow Gallery2 plugin suffers cross site...
WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Slideshow: Scenes from S4 2012
S4 is a conference hosted by Digital Bond, a security consulting firm based in Sunrise, Florida. Now in its fifth year, the S4 draws some of the world’s top experts in securing industrial control systems to sunny Miami Beach to discuss the state of the art. Here...
Slideshow: Threatpost Top Security News Stories of 2011
We’ve compiled our list of the Top Security Stories of 2011, presented here in no particular order. These are the issues that shook the world’s markets and kept us awake at night. If there’s a lesson here, it’s that cybersecurity...
CVE-2010-5002
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter...
WordPress Plugin timthumb.php Shell Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
Multiple WordPress Plugins - 'timthumb.php' File Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
WordPress Image Gallery With Slideshow 1.5 SQL Injection / Shell Upload
Title: Wordpress image-gallery-with-slideshow plugin = 1.5 Arbitrary file upload / SQL injection Version:1.5 Date: 30-8-2011 Author: Hrvoje Spoljar hrvoje.spoljaratgmail.com Software link: http://wordpress.org/extend/plugins/image-gallery-with-slideshow/ PoC: curl -F "[email protected]"...
WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities
Title: Wordpress image-gallery-with-slideshow plugin = 1.5 Arbitrary file upload / SQL injection Version:1.5 Date: 30-8-2011 Author: Hrvoje Spoljar hrvoje.spoljaratgmail.com Software link: http://wordpress.org/extend/plugins/image-gallery-with-slideshow/ PoC: curl -F "[email protected]"...
WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities
WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities Title: Wordpress image-gallery-with-slideshow plugin = 1.5 Arbitrary file upload / SQL injection Version:1.5 Date: 30-8-2011 Author: Hrvoje Spoljar hrvoje.spoljaratgmail.com Software link:...
WordPress Plugin Image Gallery with Slideshow <= 1.5 - Multiple Vulnerabilities
Multiple vulnerabilities found in WordPress Plugin Image Gallery with Slideshow version 1.5 and earlier versions. Solution Upgrade the plugin...
Wordpress Image Gallery with Slideshow plugin <= 1.5 Vulnerabilities
Exploit for php platform in category web applications Title: Wordpress image-gallery-with-slideshow plugin = 1.5 Arbitrary file upload / SQL injection Version:1.5 Date: 30-8-2011 Author: Hrvoje Spoljar hrvoje.spoljaratgmail.com Software link:...
Plugin for WordPress SH Slideshow <= 3.1.4 SQL injection flaws and fixes-vulnerability warning-the black bar safety net
Title: WordPress SH Slideshow plugin Affected version: 3.1.4 tested --------------- Test method --------------- /wp-content/plugins/sh-slideshow/ajax.php id=-1 AND 1=IF21,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Defect code analysis --------------- $result =...
WordPress SH Slideshow plugin <= 3.1.4 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress SH Slideshow plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $result = $wpdb-query'delete from shslides where id = '.$POST'id'; 0day.today 2018-04-10...
WordPress SH Slideshow Plugin <= 3.1.4 - SQL Injection
SH Slideshow plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...