WordPress Geo Mashup 1.8.2 Cross Site Scripting

Vulnerability title: Wordpress Geo Mashup plugin XSS Author: Paolo Perego CVE: CVE-2015-1383 Affected versions: = 1.8.2 Fixed version: 1.8.3 January, 11 2015 Product link: https://wordpress.org/plugins/geo-mashup/ Description Geo Mashup is a wordpress plugin designed to let you save location...

JAKCMS 2.01 - Code Execution

!/usr/bin/python JAKCMS query$sql; if $jakdb-affectedrows 0 $row = $result-fetchassoc; $SESSION'JAKLoggedIn' = true; Additionally, functionality in the backend, allows an administrative user to add a "phphook" whereby ad...