CVE-2012-3578

Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct...

Unrestricted file upload

Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct...

CVE-2012-3578

The CVE covers an unrestricted file upload in the FCChat Widget WordPress plugin (versions up to 2.2.13.1). The vulnerability resides in html/Upload.php, where an attacker can upload a file with an executable extension followed by a safe extension and then access it directly under html/images, en...

CVE-2012-3578

Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct...

WordPress FCChat Widget Plugin 2.2.x - Arbitrary File Upload

FCChat Widget plugin's "Upload.php" is prone to an arbitrary file upload vulnerability. Restricted access to this script is not properly realized. In that way an attacker can to upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also...

FCChat 2.2.11-2.2.13 - Upload.php Arbitrary File Upload

The FCChat Widget WordPress plugin was affected by an Upload.php Arbitrary File Upload security vulnerability...

WordPress FCChat Widget 2.1.7 Cross Site Scripting

------------------------------------------------------------------------ Software................WordPress FCChat Widget 2.1.7 Vulnerability...........Reflected Cross-site Scripting Download................http://www.fastcatsoftware.com/ Release Date............1/23/2011 Tested...

WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting

WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

WordPress FCChat Widget Plugin 2.1.7 - Cross-Site Scripting Vulnerability

FCChat Widget plugin's "path" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...

WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...