WordPress S3 Video Remote Shell Upload Vulnerability

WordPress S3 Video plugin suffers from a remote shell upload vulnerability. Versions prior to 0.91 are affected. Exploit Title : Wordpress S3 Video Plugin file upload Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://plugins.svn.wordpress.org/s3-video/tags/0.91/ Affected Version:...

Moxa SoftCMS IPCam.IPCam_Video_Render_Plugin.1 IVLCControl setConfigPath Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setConfigPath...

WordPress LB Tube Video Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress LB Tube Video Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

Blue Wrench Video Widget 1.0.2 - Multiple Stored Cross-Site Scripting (XSS)

The Blue Wrench Video Widget WordPress plugin was affected by a Multiple Stored Cross-Site Scripting XSS security vulnerability...

CVE-2013-7279

Cross-site scripting XSS vulnerability in views/video-management/previewvideo.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in views/video-management/previewvideo.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter...

CVE-2013-7279

Summary: CVE-2013-7279 is an XSS flaw in the WordPress S3 Video plugin (pre-0.983) where the base parameter of preview_video.php is not sanitized, allowing remote attackers to inject arbitrary script/HTML. Affected software: S3 Video WordPress plugin before 0.983. The vulnerability is triggered v...

CVE-2013-7279

Cross-site scripting XSS vulnerability in views/video-management/previewvideo.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter...

WordPress S3 Video Plugin <= 0.982 - XSS

Because of this vulnerability in views/video-management/previewvideo.php, the attackers can inject arbitrary web script or HTML via the "base" parameter. Solution Update the plugin...

WordPress Video Embed & Thumbnail Generator Plugin <= 1.9 - Remote Code Execution

Because of this vulnerability, the attackers can execute arbitrary commands via unspecified vectors. Solution Update the plugin...

XOOPS video tube plugin SQL injection-vulnerability warning-the black bar safety net

Publishing author: knife Affected versions: 2.4.4 Official address: www.discuz.net Vulnerability type: SQL injection Plug-in: video tube 1.85 the following test only a 1.85） Vulnerability file: reportvideopopup.php vid variable filter is not strictly produce SQL Injection if isset$GET'vid' $vid =...