Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2013-0285)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.08749EPSS
Exploits8References5
Mageia
Mageia
added 2013/09/19 9:45 a.m.51 views

Updated wordpress and php-phpmailer packages fix security vulnerabilities

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations CVE-2013-4338. WordPress before 3.6.1 does not properly validate URLs before...

7.5CVSS4.6AI score0.08749EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2013/09/15 12:0 a.m.49 views

Debian DSA-2757-1 : wordpress - several vulnerabilities

Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...

7.5CVSS5.5AI score0.08749EPSS
Exploits8References14
Debian
Debian
added 2013/09/14 9:13 a.m.51 views

[SECURITY] [DSA 2757-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2757-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 14, 2013 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.08749EPSS
Exploits8
OpenVAS
OpenVAS
added 2013/09/14 12:0 a.m.32 views

Debian Security Advisory DSA 2757-1 (wordpress - several vulnerabilities)

Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...

7.5CVSS0.08749EPSS
Exploits8References1
OSV
OSV
added 2013/09/14 12:0 a.m.33 views

DSA-2757-1 wordpress - several

Bulletin has no description...

7.5CVSS6AI score0.08749EPSS
Exploits8
OSV
OSV
added 2013/09/12 1:30 p.m.7 views

CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file, related to the getallowedmimetypes function in wp-includes/functions.php...

5.2AI score
Exploits0References6
CVE
CVE
added 2013/09/12 10:0 a.m.73 views

CVE-2013-5739

CVE-2013-5739 affects WordPress before 3.6.1; the default configuration allowed uploads of .swf and .exe files, which could enable cross-site scripting (XSS) by remote authenticated users. The issue is related to get_allowed_mime_types in wp-includes/functions.php. Connected advisories (Mageia, D...

3.5CVSS5.2AI score0.01764EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder