WordPress SeaFood Company theme <= 1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme SeaFood Company versions = 1.4...

EUVD-2013-1810

Malware in sbrugna...

CVE-2013-1786

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-1786

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-1786

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-1786

CVE-2013-1786 is a Drupal-related XSS in the contributed Company Theme before 7.x-1.4. The vulnerability lies in the 3 slide gallery not properly sanitizing user-entered content, enabling remote authenticated users with the administer themes permission to inject arbitrary script/HTML via unspecif...

SA-CONTRIB-2013-032 - Company theme - Cross Site Scripting (XSS)

This third-party contributed theme changes Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...