openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-272)

This update for cacti, cacti-spine fixes the following issues : cacti-spine was updated to version 1.2.9. Security issues fixed : - CVE-2009-4112: Fixed a privilege escalation bsc1122535. - CVE-2018-20723: Fixed a cross-site scripting XSS vulnerability bsc1122245. - CVE-2018-20724: Fixed a...

WordPress Plugin WP Advanced Comment 0.10 - Persistent Cross-Site Scripting

WordPress Plugin WP Advanced Comment 0.10 - Persistent Cross-Site Scripting 1. Introduction Exploit Title: WordPress WP Advanced Comment 0.10 Persistent XSS Date: Mar.09.2016 Exploit Author: Mohammad Khaleghi Contact: https://twitter.com/blackmatrix Vendor: Ravi Shakya Tested On: Apache2.2 / PHP5...

PHPWiki 1.5.4 Cross Site Scripting / Local File Inclusion

Title: phpwiki 1.5.4 - Cross Site Scripting / Local File Inclusion Date: 29.08.15 Vendor: sourceforge.net/projects/phpwiki/ Affected versions: = 1.5.4 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash Contact: smash at devilteam.pl 1/ Cross Site Scripting Cross-site scripting vulnerabilit...

Pluck 4.7.3 - Multiple vulnerabilities

Pluck CMS version 4.7.3 suffers from code execution, cross site request forgery, cross site scripting, and local file inclusion vulnerabilities. Title: Pluck 4.7.3 - Multiple vulnerabilities Date: 28.08.15 Vendor: pluck-cms.org Affected versions: = 4.7.3 current Tested on: Apache2.2 / PHP5 / Deb3...