
28 matches found

Prion
added 2014/11/26 3:59 p.m. | 21 views

SQL injection

Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php ...

CVSS 7.5 | AI score 8.8 | EPSS 0.02542
Exploits: 2 | References: 3 | Affected Software: 1
NVD
added 2014/10/21 2:55 p.m. | 6 views

CVE-2014-8375

SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...

CVSS 6.5 | AI score 8.4 | EPSS 0.0119
Exploits: 1 | References: 3
WPVulnDB
added 2014/08/01 12:0 a.m. | 14 views

Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion

Plugin is still affected and has been closed...

CVSS 5 | AI score 2 | EPSS 0.2301
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2014/06/16 6:0 p.m. | 18 views

CVE-2014-4163

Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the (1) buried or (2) featured status of a comment via a request to wp-admin/admin-ajax.php...

AI score 7.2 | EPSS 0.00229
Exploits: 1 | References: 1
NVD
added 2013/09/10 7:55 p.m. | 9 views

CVE-2013-5673

SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the customquery parameter in a testimonialadd action to wp-admin/admin-ajax.php...

CVSS 7.5 | AI score 8.4 | EPSS 0.03012
Exploits: 1 | References: 8
Atlassian
added 2013/03/06 1:6 a.m. | 21 views

XSS vulnerability in invite-users-panel.vm [$i18n.getText('easyuser.send.invitations.email.placeholder', [$siteTitle]), line 37]

Panopticon http://panopticon.dyn.syd.atlassian.com/ has detected that the following file contains a XSS vulnerability. This vulnerability has been manually confirmed. File: confluence-plugins/confluence-bundled-plugins/confluence-easyuser-admin/src/main/resources/templates/invite-users-panel.vm...

AI score 0.7
Exploits: 0
UbuntuCve
added 2007/05/22 9:30 p.m. | 23 views

CVE-2007-2821

SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter...

CVSS 7.5 | AI score 6.2 | EPSS 0.05685
Exploits: 1 | References: 1
Debian CVE
added 2007/05/22 9:0 p.m. | 23 views

CVE-2007-2821

SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter...

CVSS 7.5 | AI score 7.6 | EPSS 0.05685
Exploits: 1