Lucene search
K

7 matches found

seebug.org
seebug.org
added 2015/08/31 12:0 a.m.30 views

WordPress NewStatPress Plugin 0.9.8 xss+sql注入

主题地址:https://wordpress.org/plugins/newstatpress/影响版本:0.9.8Active installs: 20,000+CVE: CVE-2015-4062, CVE-2015-40631)sql注入 CWE-89 CVE-2015-4062 CODE:includes/nspsearch.php:94for$i=1;$i=3;$i++ if$GET"what$i" != '' && $GET"where$i" != '' $where.=" AND ".$GET"where$i"." LIKE '%".$GET"what$i"."%'";...

6.5CVSS6.8AI score0.09183EPSS
Exploits7
Cvelist
Cvelist
added 2015/05/27 6:0 p.m.31 views

CVE-2015-4062

SQL injection vulnerability in includes/nspsearch.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nspsearch page to wp-admin/admin.php...

7.9AI score0.09183EPSS
Exploits6References4
CVE
CVE
added 2015/05/27 6:0 p.m.91 views

CVE-2015-4062

CVE-2015-4062 affects WordPress plugin NewStatPress 0.9.8. The vulnerability is an SQL injection in includes/nsp_search.php that allows a remote authenticated user to execute arbitrary SQL via the where1 parameter on the nsp_search page (wp-admin/admin.php). The issue is demonstrated in multiple ...

6.5CVSS8.1AI score0.09183EPSS
Exploits6References4Affected Software1
0day.today
0day.today
added 2015/05/26 12:0 a.m.50 views

WordPress NewStatPress 0.9.8 Cross Site Scripting / SQL Injection Vulnerabilities

WordPress NewStatPress plugin version 0.9.8 suffers from cross site scripting and remote SQL injection vulnerabilities. Title: Multiple vulnerabilities in WordPress plugin "NewStatPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage:...

6.5CVSS0.1AI score0.09183EPSS
Exploits7
Exploit DB
Exploit DB
added 2015/05/26 12:0 a.m.37 views

WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities

Title: Multiple vulnerabilities in WordPress plugin "NewStatPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/newstatpress/ Active installs: 20,000+ Vulnerable version: 0.9.8 Fixed version: 0.9.9 CVE: CVE-2015-4062, CVE-2015-4063...

6.5CVSS6.4AI score0.09183EPSS
Exploits7
exploitpack
exploitpack
added 2015/05/26 12:0 a.m.34 views

WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities

WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities Title: Multiple vulnerabilities in WordPress plugin "NewStatPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/newstatpress/ Active installs: 20,000+ Vulnerable version:...

6.5CVSS0.3AI score0.09183EPSS
Exploits7
Packet Storm
Packet Storm
added 2015/05/25 12:0 a.m.44 views

WordPress NewStatPress 0.9.8 Cross Site Scripting / SQL Injection

Title: Multiple vulnerabilities in WordPress plugin "NewStatPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/newstatpress/ Active installs: 20,000+ Vulnerable version: 0.9.8 Fixed version: 0.9.9 CVE: CVE-2015-4062, CVE-2015-4063...

6.5CVSS0.2AI score0.09183EPSS
Exploits7
Rows per page
Query Builder