EUVD-2009-4138

Malware in sbrugna...

WordPress WP Cumulus Plugin <= 1.22 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress WP-Cumulus Plugin 1.x 'tagcloud.swf' Cross-Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding=utf-8 import md5 import urllib2 from pocsuite.api.request import req from pocsuite.api.poc import register from pocsuite.api.poc import Output, POCBase ''' 位置：...

Flash Tag Cloud And MT-Cumulus Plugin - &#039;tagcloud&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/47845/info The Flash Tag Cloud widget and the MT-Cumulus Plugin are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Flash Tag Cloud And MT-Cumulus Plugin - tagcloud Cross-Site Scripting

Flash Tag Cloud And MT-Cumulus Plugin - tagcloud Cross-Site Scripting source: https://www.securityfocus.com/bid/47845/info The Flash Tag Cloud widget and the MT-Cumulus Plugin are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker...

CVE-2009-4168

CVE-2009-4168 is an XSS in Roy Tanck tagcloud.swf used by WP-Cumulus plugin (WordPress) and Joomulus module; tagcloud parameter in a tags action enables remote script/HTML injection. Affected: WP-Cumulus before 1.23 and Joomulus 2.0 and earlier. Root cause: tagcloud.swf parameter handling allows ...

CVE-2009-4168

Cross-site scripting XSS vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site...