Lucene search

8 matches found

Prion
added 2020/03/12 2:15 p.m., 9 views

Cross-site request forgery (CSRF)

CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request...

CVSS 4.3, AI score 4.6, EPSS 0.00147
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2020/03/12 1:6 p.m., 32 views

CVE-2020-10504

CVE-2020-10504 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/edit-comments.php enables an attacker to edit a comment by supplying an id via a crafted request. The vulnerability stems from insufficient CSRF protection in the affected endpoint, allowing unauthorized sta...

CVSS 4.3, AI score 4.5, EPSS 0.00147
Exploits: 1, References: 2, Affected Software: 1
seebug.org
added 2016/03/08 12:0 a.m., 21 views

WordPress comment-rating-plugin edit-comments.php file tab parameter cross-site scripting vulnerability

No description provided by source...

AI score 7.1
Exploits: 0
CVE
added 2014/08/19 7:0 p.m., 35 views

CVE-2014-5346

The CVE-2014-5346 entry affects the WordPress Disqus Comment System plugin version 2.77. The vulnerability is Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack the authentication of administrators for requests that (1) activate or (2) deactivate the plugin via the active pa...

CVSS 6.8, AI score 7.5, EPSS 0.00238
Exploits: 1, References: 2, Affected Software: 1
seebug.org
added 2014/07/01 12:0 a.m., 13 views

WordPress 1.2 edit-comments.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...

AI score 7.1
Exploits: 0
securityvulns
added 2008/01/02 12:0 a.m., 5962 views

Arbitrary file edit, Local file include, Directory traversal and Full path disclosure in WordPress

Hello 3APA3A! I am reporting the Arbitrary file edit, Local file include, Directory traversal and Full path disclosure vulnerabilities that I found in WordPress. The holes are in the file templates.php in the file and page parameters, and in the files edit-pages.php, categories.php, edit-comments.php, moderation.php, post.php and...

Exploits: 0
OSV
added 2004/12/31 5:0 a.m., 5 views

CVE-2004-1559

Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or posttit...

AI score 5.8
Exploits: 0, References: 7
securityvulns
added 2004/09/30 12:0 a.m., 21 views

Multiple XSS Vulnerabilities in Wordpress 1.2

Vendor : Wordpress URL : http://wordpress.org/ Version : Wordpress 1.2 Risk : XSS Description: WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability. ... Go to http://wordpress.org/ for detailed information. Cross Site...

AI score 6.2
Exploits: 0