WordPress e-search <=1.0 - Cross-Site Scripting

Wordpress plugin e-search 1.0 and before contains a cross-site scripting vulnerability via dateselect.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

EUVD-2005-4508

Malware in sbrugna...

EUVD-2016-1074

Malware in sbrugna...

EUVD-2016-1075

Malware in sbrugna...

Wordpress e-search plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. e-search is one of the search plug-ins. A cross-site scripting vulnerability exists in version 1.0 of the Wordpress...

Wordpress e-search plugin cross-site scripting vulnerability (CNVD-2016-09338)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. e-search is one of the search plug-ins. A cross-site scripting vulnerability exists in version 1.0 of the Wordpress...

CVE-2016-1000131

Reflected XSS in wordpress plugin e-search v1.0...

CVE-2016-1000130

Reflected XSS in wordpress plugin e-search v1.0...

Cross site scripting

Reflected XSS in wordpress plugin e-search v1.0...

CVE-2016-1000131

Reflected XSS in wordpress plugin e-search v1.0...

CVE-2016-1000130

CVE-2016-1000130 is a WordPress plugin issue in e-search

CVE-2016-1000130

Reflected XSS in wordpress plugin e-search v1.0...

CVE-2016-1000131

The CVE refers to WordPress e-search plugin (version 1.0 and earlier) with a reflected cross-site scripting (XSS) vulnerability. The nuclei template specifies exploitation via the title_az.php endpoint, allowing an attacker to execute arbitrary scripts in a user’s browser and potentially steal co...

WordPress E-Search Plugin <= 1.0 - Cross-Site Scripting (XSS)

Because of this vulnerability, the variable date-from appears to send unsanitized data back to the users browser. Solution Update the plugin...

e-search <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The e-search WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/e-search/tmpl/dateselect.php?date-from="alert1;alert1;"...

e-search <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The e-search WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/e-search/tmpl/dateselect.php?date-from=""...

CVE-2005-4513

Cross-site scripting XSS vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter...

CVE-2005-4513

The CVE-2005-4513 entry describes a Cross-site Scripting (XSS) vulnerability in the product WANDSOFT e-SEARCH . An attacker could trigger the issue by supplying crafted input in the search parameters (possibly the keywords parameter) that is reflected in the web page, enabling remote script/HTML ...

CVE-2005-4513

Cross-site scripting XSS vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter...

WANDSOFT e-SEARCH XSS vuln.

WANDSOFT e-SEARCH XSS vuln. Vuln. discovered by : r0t Date: 22 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/wandsoft-e-search-xss-vuln.html vendor:http://www.wandsoft.com/products/ affected version:latest and its also used as search module for WANDSOFT e-Suite 4 and prior. Produ...