37 matches found
WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner', 'Description' = %q This module attempts to exploit a UNION-based SQL...
Wordpress contus-video-comments plugin remote file upload vulnerability
WordPress is a suite of blogging platforms developed using the PHP language by the WordPress Software Foundation. contus-video-comments is one of the video comment plugins. A remote file upload vulnerability exists in version v1.0 of the WordPress contus-video-comments plugin, which can be...
CVE-2016-1000112
Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin...
Design/Logic Flaw
Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin...
CVE-2016-1000112
Affected software: WordPress plugin contus-video-comments v1.0. Vulnerability: Unauthenticated remote upload of .jpg files via the contus-video-comments plugin, enabling an attacker to upload arbitrary files. The issue is described consistently across CVE-2016-1000112 entries and CNVD/PATCHSTAC...
Contus Video Comments - Unauthenticated Remote JPG File Upload
The contus-video-comments WordPress plugin was affected by an Unauthenticated Remote JPG File Upload security vulnerability. curl --data @image.jpg "http://www.example.com/wp-content/plugins/contus-video-comments/save.php?id=../image"...
WordPress Contus Video Comments Plugin - Remote File Upload
This plugin is prone to a remote file upload vulnerability, because any user can upload .jpg files to the WordPress installation. Solution Update the plugin...
Contus Video Comments - Unauthenticated Remote JPG File Upload
The contus-video-comments WordPress plugin was affected by an Unauthenticated Remote JPG File Upload security vulnerability. PoC curl --data @image.jpg "http://www.example.com/wp-content/plugins/contus-video-comments/save.php?id=../image"...
WordPress Contus Video Comments 1.0 File Upload
Title: Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2016-06-15 Download Site: https://wordpress.org/plugins/contus-video-comments/ Vendor: https://profiles.wordpress.org/hdflvplayer/ Vendor Notified: 2016-06-16...
Contus HD Video Share (aka HDVideoShare) by Apptha [com_contushdvideoshare], 3.5 and below, Directory Traversal
Contus HD Video Share by Apptha [com_contushdvideoshare], 3.5 and below, Directory Traversal...
WordPress Contus HD FLV Player Plugin <= 1.7 - Arbitrary File Upload
This plugin is prone to an arbitrary file upload vulnerability. Solution Update plugin...
WordPress Contus Video Gallery Plugin SQL Injection Vulnerability
WordPress is a content management system developed using the PHP language. Contus Video Gallery is a video gallery plugin for WordPress sites. A SQL injection vulnerability exists in Contus Video Gallery 2.7 and earlier versions due to the program failing to properly filter the content of the "vid" G...
WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner
This module attempts to exploit a UNION-based SQL injection in Contus Video Gallery for WordPress version 2.7 and likely prior in order to determine if the instance is vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
CVE-2015-2065
CVE-2015-2065 is a SQL injection vulnerability in the Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress, affecting versions before 2.8. The flaw allows remote attackers to execute arbitrary SQL commands via the vid parameter in a rss action to wp-admin/admin-ajax.php. The...
HDFLVPlayer, 2.0, Directory Traversal
HDFLVPlayer, 2.0, Directory Traversal. Contus/apptha developers statement: We fixed the directory traversal issue and updated the version with 2.2. UpdateNoticeURL: http://www.hdflvplayer.net/hd-flv-player-download.php...
Contus Video Gallery 2.0 & 1.6 - SQL Injection
The contus-video-gallery WordPress plugin was affected by a SQL Injection security vulnerability...
WordPress Contus HD FLV Player plugin <= 1.3 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability Date: 2011-08-17 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/contus-hd-flv-player.1.3.zip Version: 1.3...
WordPress Contus Vblog 1.0 File Upload
File upload vulnerability in WordPress Contus Vblog plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...