CVE-2012-10002

A vulnerability was found in ahmyi RivetTracker. It has been declared as problematic. Affected by this vulnerability is the function changeColor of the file css.php. The manipulation of the argument setcss leads to cross site scripting. The attack can be launched remotely. The patch is named...

Cross site scripting

A vulnerability was found in ahmyi RivetTracker. It has been declared as problematic. Affected by this vulnerability is the function changeColor of the file css.php. The manipulation of the argument setcss leads to cross site scripting. The attack can be launched remotely. The patch is named...

CVE-2012-10002 ahmyi RivetTracker css.php changeColor cross site scripting

A vulnerability was found in ahmyi RivetTracker. It has been declared as problematic. Affected by this vulnerability is the function changeColor of the file css.php. The manipulation of the argument setcss leads to cross site scripting. The attack can be launched remotely. The patch is named...

CVE-2012-10002

CVE-2012-10002 affects ahmyi RivetTracker, specifically the changeColor function in css.php. The issue arises from manipulating the set_css argument, enabling cross-site scripting (XSS) via remote access. The vulnerability is documented across multiple sources with the same signature, including a...

PT-2023-9939 · Unknown · Ahmyi Rivettracker

Name of the Vulnerable Software and Affected Versions: ahmyi RivetTracker affected versions not specified Description: A vulnerability was found in ahmyi RivetTracker, affecting the function changeColor of the file css.php. The manipulation of the argument set css leads to cross-site scripting. T...

VulnCheck KEV: CVE-2015-9406

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

Directory traversal

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

EUVD-2015-9246

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

Directory traversal

Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a 1 .. dot dot in the file parameter to a webmail/client/skins/default/css/css.php page or .../. dot dot dot slash dot in the 2 script or 3 style parameter to...

WordPress Parsi Font Plugin <= 4.2.5 - Cross Site Scripting (XSS)

This plugin is prone to a reflected cross site scripting vulnerability. Vulnerable file is /parsi-font/css.php. Solution Update the plugin...

Wordpress mTheme Unus-css.php文件-本地文件包含漏洞

No description provided by source...

WordPress WP Mobile Edition Plugin 2.2.7 /wp-content/themes/mTheme-Unus/css/css.php 文件下载

影响： - WP Mobile Edition版本低于2.2.7有该漏洞。 - 首次启用WP Mobile Edition 插件之后，即使停用或删除该插件，漏洞也会一直存在。 - 即使升级插件，若已经启用过漏洞存在的版本，漏洞也同样存在。 - css.php用于压缩css文件，并不只存在于该插件之中，而是 https://github.com/mrclay/ 的开源代码，使用该文件的网站也存在该漏洞。 详情 插件下载地址：https://downloads.wordpress.org/plugin/wp-mobile-edition.2.2.7.zip...

WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure

WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure Exploit Title: Wordpress Plugin 'WP Mobile Edition' Remote File Disclosure Vulnerability Date: April 11, 2015 Exploit Author: @LookHin Khwanchai Kaewyos Google Dork: inurl:?fdxswitcher=mobile Vendor Homepage:...

VBulletin 1.0.1 lite/2.x/3.0 /admincp/css.php group Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14874/info vBulletin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...

WordPress Slideshow Gallery 2 Cross SIte Scripting

Exploit Title: Wordpress Slideshow Gallery 2 Cross Site Scripting Exploit Date: 26 January 2011 Author: Bret Hawk Software Link: http://wordpress.org/extend/plugins/slideshow-gallery-2/ Version: 2xxx and Prior Tested on: Linux Unix The Wordpress slideshow Gallery2 plugin suffers cross site...

Cyberfolio &lt;= 7.12.2 (css.php theme) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl Cyberfolio = 7.12.2 Local File Inclusion Vulnerability Script site: http://cyberfolio.org/...

Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================= Cyberfolio = 7.12.2 css.php theme Local File Inclusion Vulnerability ======================================================================= :::::::-. ... ::::::. :::...

Cyberfolio 7.12.2 - theme Local File Inclusion

Cyberfolio 7.12.2 - theme Local File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl Cyberfolio = 7.12.2 Local File Inclusion Vulnerability Script site:...

Directory traversal

Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 ewikiid and 2 ewikiaction parameters to fragments/css.php, and possibly the 3 id parameter ...

CVE-2008-2672

Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 ewikiid and 2 ewikiaction parameters to fragments/css.php, and possibly the 3 id parameter ...