EUVD-2017-8226

Malware in sbrugna...

EUVD-2022-24968

Malicious code in bioql PyPI...

CVE-2022-1683

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they ca...

CVE-2017-17059

XSS exists in the amtyThumb amty-thumb-recent-post aka amtyThumb posts or wp-thumb-post plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php...

WordPress amtyThumb plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress amtyThumb plugin 4.2.0 and earlier versions are vulnerable to SQL injection, which stems fr...

CVE-2022-1683

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they ca...

CVE-2022-1683

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they ca...

Sql injection

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they ca...

WordPress plugin amtyThumb SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress amtyThumb plugin 4.2.0 and earlier versions are vulnerable to SQL injection, which stems fr...

CVE-2022-1683

The CVE pertains to WordPress amtyThumb plugin (versions ≤ 4.2.0). The vulnerability is an SQL injection caused by unsanitized/untested parameters in the plugin’s shortcode, exploitable by any authenticated user via an AJAX action that processes the shortcode. PoCs show an authenticated-user POST...

CVE-2022-1683 amtyThumb <= 4.2.0 - Subscriber+ SQLi

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they ca...

WordPress amtyThumb plugin <= 4.2.0 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability was discovered by Daniel Krohmer Fraunhofer IESE, Germany and Shi Chen University of Kaiserslautern, Germany in the WordPress amtyThumb plugin versions = 4.2.0. Solution Deactivate and delete. This plugin has been closed as of May 12, 2022 and is not...

amtyThumb <= 4.2.0 - Subscriber+ SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they can execute shortcodes via an AJAX...

amtyThumb <= 4.2.0 - Subscriber+ SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they can execute shortcodes via an AJAX...

WordPress amtyThumb posts plugin 8.1.3 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found in WordPress amtyThumb posts plugin version 8.1.3. Solution 02.12.2017 - no information about the patched version. The last version released one year ago. Looks like abandoned plugin, use with caution, or uninstall...

WordPress amtyThumb amty-thumb-recent-post plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL. amtyThumb amty-thumb-recent-post also known as amtyThumb posts or wp-thumb- post plugin is used in one of the...

CVE-2017-17059

XSS exists in the amtyThumb amty-thumb-recent-post aka amtyThumb posts or wp-thumb-post plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php...

Cross site scripting

XSS exists in the amtyThumb amty-thumb-recent-post aka amtyThumb posts or wp-thumb-post plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php...

CVE-2017-17059

XSS exists in the amtyThumb amty-thumb-recent-post aka amtyThumb posts or wp-thumb-post plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php...

CVE-2017-17059

XSS exists in the amtyThumb amty-thumb-recent-post aka amtyThumb posts or wp-thumb-post plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php...