EUVD-2006-0223

Malware in sbrugna...

CVE-2011-3851

Cross-site scripting XSS vulnerability in the News theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

CVE-2006-0215

Cross-site scripting XSS vulnerability in admin.php in QualityEBiz Quality PPC QPPC 1.0 build 1644 allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. NOTE: this issue might be resultant from CVE-2006-0216...

CVE-2011-3853

Cross-site scripting XSS vulnerability in the Hybrid theme before 0.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the News theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

CVE-2011-3851

Cross-site scripting XSS vulnerability in the News theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

PT-2011-4729 · Hybrid · Hybrid

Name of the Vulnerable Software and Affected Versions: Hybrid theme versions prior to 0.10 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. This can lead to the execution of malicious code on the client-side...

PT-2011-4727 · WordPress · Wordpress News Theme

Name of the Vulnerable Software and Affected Versions: WordPress News theme version prior to 0.2 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. This can lead to the execution of malicious scripts on the client-side...

PT-2011-4740 · Erudite · Erudite

Name of the Vulnerable Software and Affected Versions: The Erudite theme versions prior to 2.7.9 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. Recommendations: For versions prior to 2.7.9, update to version 2.7.9 ...

PT-2011-4735 · WordPress · Trending Theme

Name of the Vulnerable Software and Affected Versions: Trending theme for WordPress versions prior to 0.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter, which can lead to cross-site scripting XSS attacks. Recommendations: For version...

WordPress News Theme <= 0.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "cpage" parameter. Solution Update the theme...

CVE-2006-0215

Cross-site scripting XSS vulnerability in admin.php in QualityEBiz Quality PPC QPPC 1.0 build 1644 allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. NOTE: this issue might be resultant from CVE-2006-0216...

Design/Logic Flaw

admin.php in QualityEBiz Quality PPC QPPC 1.0 build 1644 allows remote attackers to obtain sensitive information, possibly the installation path of the application, via unspecified "meta characters" to the cpage parameter...

CVE-2006-0215

CVE-2006-0215 corresponds to an XSS vulnerability in QualityEBiz Quality PPC (QPPC) 1.0 build 1644, specifically in admin.php where the cpage parameter can be exploited to inject arbitrary script/HTML. The description notes this issue may be a result of CVE-2006-0216, indicating potential overlap...