24 matches found
EUVD-2008-4712
Malware in sbrugna...
EUVD-2008-4714
Malware in sbrugna...
EUVD-2008-4713
Malware in sbrugna...
WP Comment Remix 1.4.3 - Remote SQL Injection Exploit
No description provided by source. ?php / WP Comment Remix 1.4.3 SQL Injection Proof of Concept By g30rg3x g30rg3xatchxsecuritydotorg Advisory: http://chxsecurity.org/advisories/adv-3-full.txt PoC Mirror: http://chxsecurity.org/proof-of-concepts/wp-comment-remix-143.zip Attention: This is a...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the wpcrdooptionspage function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcrhiddenforminput parameter...
CVE-2008-4732
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4734
Cross-site request forgery CSRF vulnerability in the wpcrdooptionspage function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcrhiddenforminput parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...
Sql injection
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4733
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...
CVE-2008-4732
Summary of CVE-2008-4732 : The WP Comment Remix WordPress plugin is affected by an SQL injection in the file ajax_comments.php . The vulnerability allows remote attackers to execute arbitrary SQL commands through the p parameter. Affected version range is plugin versions before 1.4.4 . The issue ...
CVE-2008-4734
The CVE-2008-4734 entry describes a Cross-Site Request Forgery in the WordPress plugin WP Comment Remix (before 1.4.4). The vulnerability affects the wpcr_do_options_page function, where an attacker can trigger unauthorized administrator actions by crafting a request that sets the wpcr_hidden_for...
CVE-2008-4732
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4733
CVE-2008-4733 concerns the WP Comment Remix WordPress plugin. The vulnerability is an XSS in wpcommentremix.php affecting versions before 1.4.4, exploitable by supplying crafted values for the parameters (replytotext, quotetext, originallypostedby, sep, maxtags, tagsep, tagheadersep, taglabel, ta...
CVE-2008-4733
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...
WordPress WP Comment Remix Plugin <= 1.4.3 - SQL Injection
Because of this vulnerability in ajaxcomments.php, the attackers can execute arbitrary SQL commands via the "p" parameter. Solution Update the plugin...
WordPress WP Comment Remix Plugin <= 1.4.3 - XSS
Because of this vulnerability in wpcommentremix.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
WordPress WP Comment Remix Plugin <= 1.4.3 - CSRF
Because of this vulnerability, the attackers can perform unauthorized actions as administrators via a request that sets the "wpcrhiddenforminput" parameter. Solution Update the plugin...
WP Comment Remix 1.4.3 Remote SQL Injection Exploit
No description provided by source. ?php / WP Comment Remix 1.4.3 SQL Injection Proof of Concept By g30rg3x g30rg3xatchxsecuritydotorg Advisory: http://chxsecurity.org/advisories/adv-3-full.txt PoC Mirror: http://chxsecurity.org/proof-of-concepts/wp-comment-remix-143.zip Attention: This is a...
WP Comment Remix < 1.4.4 - SQL Injection
The wp-comment-remix WordPress plugin was affected by a SQL Injection security vulnerability...