EUVD-2006-4037

Malware in sbrugna...

CVE-2025-5395

The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'core.php' file in all versions up to, and including, 3.115.0. This makes it possible for authenticated attackers, with Author-level access and above, to...

CVE-2012-5692

Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board aka IPB or IP.Board 3.1.x through 3.3.x has unknown impact and remote attack vectors...

WordPress 3.9.x < 3.9.15 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...

CVE-2017-5488

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

CVE-2017-5488

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php

...

Cool Video Gallery 1.8 - lib/core.php Multiple Actions CSRF

The Cool Video Gallery WordPress plugin was affected by a lib/core.php Multiple Actions CSRF security vulnerability...

phpCodeGenie <= 3.0.2 (BEAUT_PATH) Remote File Include Vulnerability

No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - phpCodeGenie = 3.0.2 BEAUTPATH Remote File Include Vulnerability + + + - Script name: phpCodeGenie v. 3.0.2 - Script site: http://sourceforge.net/projects/phpcodegenie/ + + + - Find by: Kacper a.k.a Rahim +...

PHPCodeCabinet <= 0.5 (Core.php) Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63800' ssvid version = '1.0' author = '周神' vulDate = '2006-08-09' createDate = '2015-12-24...

Storyteller CMS (var) Local File Inclusion Vulnerability

No description provided by source. == Title: Storyteller CMS var Local File Include Vuln Version: n/a Link: http://www.esselbach.com/freeware.php?id=2 == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Vuln code: in GetTemplate function , line 113 to 127 function GetTemplate$var if...

Invision-Power-Board 3.3.4 core.php 代码执行漏洞

No description provided by source...

Invision Power Board 'core.php'未明安全漏洞

Bugtraq ID:56288 CVE ID:CVE-2012-4547 Invision Power Board是一款流行的PHP论坛程序。 Invision Power Board中的admin/sources/base/core.php存在一个未明安全漏洞，目前没有详细漏洞细节提供。 0 IP.Board Invision Power Board 3.x 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息：...

Cross site scripting

Cross-site scripting XSS vulnerability in the rcajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging...

WordPress Recent Comments Plugin <= 2.0.6 - XSS

Because of this vulnerability in the core.php, the attackers can inject arbitrary web script or HTML via the "page" parameter. Solution Update the plugin...

Cybershade CMS 0.2 - Remote File Inclusion

Cybershade CMS 0.2 - Remote File Inclusion Author: Author: Mr.SeCreT E-mail: [email protected] From: Syria Script Information: Script: Cybershade CMS 0.2 Remote File Inclusion Vulnerability Language: PHP Download:...

FestOS 2.2.1 Remote File Inclusion

Exploit Title: FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php requireonce$config'ABSOLUTEFILEPATH'."core/sessions.php"; 3xplo!t :...

Cybershade CMS 0.2b Remote File Inclusion Vulnerability

No description provided by source. Script Name : Cybershare CMS Download : http://sourceforge.net/project/downloading.php?groupid=213056&usemirror=surfnet&filename=cybershade0.2b-DEV.zip&40561526 Error : include $CMSROOT."core/core.php"; Vul. Code : htp://site/path/core/includes.php?CMSROOT=Shell...

Directory traversal

Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the permalink parameter in core.php, accessed through index.php; and 2 the thispost parameter in comments.php...