23 matches found
Information Leakage and Full path disclosure vulnerabilities in WordPress
Hello 3APA3A! I want to warn you about security vulnerabilities in WordPress which I published at 30.07.2010 during my Day of bugs in WordPress 2 project. ------------------------------ Advisory: Day of bugs in WordPress 2: Information Leakage and Full path disclosure vulnerabilities in WordPress...
CVE-2007-3494
Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend administration plugins, which allows remote authenticated users to 1 read the entire database by accessing the database backup plugin via a devtools/templates/newdumpbackend.html argument in the templa...
GLSA-200611-10 : WordPress: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200611-10 WordPress: Multiple vulnerabilities 'random' discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. 'adapter' found out that user-edit.php fails to...