EUVD-2013-6794

Malware in sbrugna...

Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin

Advisory ID: HTB23187 Product: Ad-minister Wordpress plugin Vendor: henrikmelin, kalstrom Vulnerable Versions: 0.6 and probably prior Tested Version: 0.6 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...

CVE-2013-6993

Cross-site scripting XSS vulnerability in the Ad-minister plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the key parameter in a delete action to wp-admin/tools.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Ad-minister plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the key parameter in a delete action to wp-admin/tools.php...

CVE-2013-6993

Cross-site scripting XSS vulnerability in the Ad-minister plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the key parameter in a delete action to wp-admin/tools.php...

CVE-2013-6993

CVE-2013-6993 concerns the WordPress Ad-minister plugin (

WordPress Ad-minister 0.6 Cross Site Scripting Vulnerability

WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability. Product: Ad-minister Wordpress plugin Vendor: henrikmelin, kalstrom Vulnerable Versions: 0.6 and probably prior Tested Version: 0.6 Advisory Publication: December 5, 2013 without technical details Vendor...

Wordpress Ad-minister插件跨站脚本漏洞

CVE ID:CVE-2013-6993 WordPress是一款内容管理系统。 由于"key" HTTP GET参数传递到"/wp-admin/tools.php"脚本的参数未能充分过滤用户提供的数据， 远程攻击者可以欺骗登录的管理员访问恶意链接，在受影响网站的浏览器上下文中执行任意HTML和脚本代码。 0 Wordpress Ad-minister=0.6 厂商未提供官方的更新补丁，用户可使用非官方补丁： https://www.htbridge.com/advisory/HTB23187-patch.zip The exploitation example below uses t...

WordPress Ad-minister 0.6 Cross Site Scripting

Advisory ID: HTB23187 Product: Ad-minister Wordpress plugin Vendor: henrikmelin, kalstrom Vulnerable Versions: 0.6 and probably prior Tested Version: 0.6 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...

WordPress Ad-Minister Plugin <= 0.6 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "key" parameter in a delete action to wp-admin/tools.php. Solution Update the plugin...

Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin

High-Tech Bridge Security Research Lab discovered vulnerability in Ad-minister Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Ad-minister Wordpress plugin: CVE-2013-6993 The vulnerability exists due to insufficient sanitisation ...