EUVD-2015-2895

Malware in sbrugna...

underscore-contrib 安全漏洞

underscore-contrib is an open source application from DocumentCloud. A security vulnerability exists in underscore-contrib version v0.3.0, which stems from the lib.fromQuery function containing a prototype contamination vulnerability...

WordPress Navis DocumentCloud Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language, which supports personal blogging sites on servers running PHP and MySQL.Navis DocumentCloud is one of the plug-ins that allows journalists to analyze, annotate, and publish documents. A...

CVE-2015-2807

Cross-site scripting XSS vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter...

CVE-2015-2807

The CVE-2015-2807 issue affects the WordPress Navis DocumentCloud plugin, specifically versions before 0.1.1. The vulnerability resides in the js/window.php file where the wpbase parameter is used, enabling a reflected cross-site scripting (XSS) attack. An attacker can inject arbitrary script/HTM...

CVE-2015-2807

Cross-site scripting XSS vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter...

WordPress Navis DocumentCloud 0.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Details ================ Software: Navis DocumentCloud Version: 0.1 Homepage: https://wordpress.org/plugins/navis-documentcloud/ Advisory report:...

WordPress Navis DocumentCloud 0.1 Cross Site Scripting

Details ================ Software: Navis DocumentCloud Version: 0.1 Homepage: https://wordpress.org/plugins/navis-documentcloud/ Advisory report: https://security.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/ CVE: CVE-2015-2807 CVSS: 6.4 Medium;...

Navis DocumentCloud 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The navis-documentcloud WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability...

WordPress Navis DocumentCloud Plugin <= 0.1.0 - XSS

This vulnerability is in js/window.php. It allows an attacker to inject arbitrary web script or HTML via the "wpbase" parameter. Solution Update the plugin...