4 matches found
WordPress plugin ark-commenteditor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
phpok存储型xss一枚
简要描述: rt 详细说明: PHPOK4.0.556 漏了评论处的 编码转换。 $content = $this-get"content",'html'; type为 html的话 case 'html':$msg = pregreplace$tmp,'',$msg;break; 只过滤了 $tmp = array"//isU","//isU","//isU","//isU","//isU","//isU","//isU","//isU"; 太弱。 审核评论 alert 可获取 浏览该商品的 用户的cookie 以及后台审核时 管理员的 cookie 漏洞证明:...
CVE-2005-3059
CVE-2005-3059 affects Opera 8.50 on Linux and Windows. The vulnerabilities are described as multiple unspecified issues tied to (1) handling of the must-revalidate cache directive for HTTPS pages and (2) a cookie comment encoding display issue. The connected documents do not provide concrete expl...
CVE-2005-3059
Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to 1 " handling of must-revalidate cache directive for HTTPS pages" or 2 a "display issue with cookie comment encoding."...