Lucene search
+L

29 matches found

CNVD
CNVD
added 2018/04/02 12:0 a.m.8 views

Wordpress Contact Form 7 to Database Extension Plugin CSV Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A CSV injection vulnerability exists in the Wordpress Contact Form 7 to Database Extension plugin, which can be exploited by ...

9.6CVSS7.6AI score0.07743EPSS
Exploits5References1
0day.today
0day.today
added 2018/03/30 12:0 a.m.67 views

Wordpress Contact Form 7 to Database Extension 2.10.32 Plugin - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Contact Form 7 to Database Extension Wordpress Plugin CSV Injection Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: None Software Link:...

0.1AI score0.07743EPSS
Exploits5
exploitpack
exploitpack
added 2018/03/30 12:0 a.m.55 views

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection Exploit Title : Contact Form 7 to Database Extension Wordpress Plugin CSV Injection Date: 23-03-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: None Software Link:...

6.8CVSS9.6AI score0.07743EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/30 12:0 a.m.56 views

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection

Exploit Title : Contact Form 7 to Database Extension Wordpress Plugin CSV Injection Date: 23-03-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: None Software Link: https://wordpress.org/plugins/contact-form-7-to-database-extension Version: 2.10.32...

9.6CVSS9.3AI score0.07743EPSS
Exploits5
WPVulnDB
WPVulnDB
added 2015/02/22 12:0 a.m.11 views

Contact Form DB <= 2.8.26 - Cross-Site Scripting (XSS)

The contact-form-7-to-database-extension WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.6AI score0.01633EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2015/02/20 4:0 p.m.40 views

CVE-2015-2040

CVE-2015-2040 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin Contact Form DB (CFDB / contact-form-7-to-database-extension) version 2.8.26. The issue allows remote attackers to inject arbitrary script/HTML via the submit_time parameter on the CF7DBPluginSubmissions pa...

4.3CVSS5.9AI score0.01633EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/02/18 12:0 a.m.57 views

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2501-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2501-1 advisory. Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a...

7.5CVSS7.6AI score0.53166EPSS
Exploits14References8
ATTACKERKB
ATTACKERKB
added 2009/01/22 11:30 p.m.5 views

CVE-2009-0257

Multiple cross-site scripting XSS vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 content of indexed files to the a Indexed Search Engine indexedsearch system extension; b...

4.3CVSS5.4AI score0.01562EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2007/01/10 2:1 p.m.3 views

security flaw

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

6.6CVSS7.8AI score0.00379EPSS
Exploits0References4
Rows per page
Query Builder