Lucene search
K

591 matches found

WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.9 views

CAC Featured Content 0.8 - Shell Upload

The CAC Featured Content WordPress plugin was affected by a Shell Upload security vulnerability...

1.7AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.17 views

Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment Status Manipulation CSRF

The Featured Comments WordPress plugin was affected by a wp-admin/admin-ajax.php Comment Status Manipulation CSRF security vulnerability...

6.8CVSS2.3AI score0.02315EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Shopping Cart Script with Affiliate Program SQL Injection

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Shopping Cart Script with Affiliate Program SQL Injection Vendor url:http://www.yourfreeworld.com Version:n/a Price:399$ Published: 2010-06-19 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Real Estate SQL Injection Vulnerability

No description provided by source. Description Linux And window Version available: This software is available in both windows and linux version. It runs on asp and php extension. Listings: We can add unlimited property listing, with the property photo. System automatically creates three thumbnail...

7.1AI score
Exploits0
Prion
Prion
added 2014/06/16 6:55 p.m.20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...

6.8CVSS7.8AI score0.02315EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2014/06/16 6:0 p.m.39 views

CVE-2014-4163

The CVE-2014-4163 entry documents a CSRF vulnerability in the WordPress Featured Comments plugin (version 1.2.1). The issue allows an attacker to hijack administrator-authenticated requests to wp-admin/admin-ajax.php to change a comment’s status (buried/featured). Affected software: Featured Comm...

6.8CVSS7.4AI score0.02315EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/06/16 6:0 p.m.33 views

CVE-2014-4163

Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...

7.2AI score0.02315EPSS
Exploits1References1
exploitpack
exploitpack
added 2014/06/10 12:0 a.m.13 views

WordPress Plugin Featured Comments - Cross-Site Request Forgery

WordPress Plugin Featured Comments - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/67955/info Featured Comments plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized...

0.3AI score
Exploits0
Patchstack
Patchstack
added 2014/06/10 12:0 a.m.16 views

WordPress Featured Comments Plugin - Cross Site Request Forgery

Featured Comments plugin is prone to a cross-site request forgery vulnerability that allows an attacker to perform certain actions in the context of a logged-in user of the affected application. Solution Update the plugin...

6.8CVSS3.9AI score0.02315EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/04/27 12:0 a.m.38 views

Debian DSA-2913-1 : drupal7 - security update

An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to othe...

5CVSS6.1AI score0.01555EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/04/02 12:0 a.m.19 views

Fedora Update for gajim FEDORA-2013-4205

Check for the Version of gajim OpenVAS Vulnerability Test Fedora Update for gajim FEDORA-2013-4205 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

4.3CVSS0.01148EPSS
Exploits1References2
Dsquare
Dsquare
added 2012/02/09 12:0 a.m.39 views

Wordpress CAC Featured Content 0.8 File Upload

File upload vulnerability in Wordpress CAC Featured Content plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

6.8CVSS0.5AI score0.23165EPSS
Exploits17References1
Prion
Prion
added 2011/12/16 11:55 a.m.15 views

Design/Logic Flaw

The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving...

10CVSS7.2AI score0.02004EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2011/12/16 11:55 a.m.15 views

Design/Logic Flaw

The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/featured-applications/ and certain oth...

10CVSS7.3AI score0.02004EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2011/09/19 12:0 a.m.37 views

WordPress Plugin timthumb.php Shell Upload

Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/09/19 12:0 a.m.57 views

Multiple WordPress Plugins - 'timthumb.php' File Upload

Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2011/08/28 12:0 a.m.20 views

WordPress Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Collision Testimonials plugin = 3.0 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/collision-testimonials.zip Version: 3.0...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/08/28 12:0 a.m.17 views

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...

0.3AI score
Exploits0
Patchstack
Patchstack
added 2011/01/25 12:0 a.m.6 views

WordPress Featured Content Plugin 0.0.1 - Cross-Site Scripting Vulnerability

Featured Content plugin's "listid" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

2.8AI score
Exploits0Affected Software1
exploitpack
exploitpack
added 2011/01/23 12:0 a.m.8 views

WordPress Plugin WP Featured Post with Thumbnail 3.0 - src Cross-Site Scripting

WordPress Plugin WP Featured Post with Thumbnail 3.0 - src Cross-Site Scripting source: https://www.securityfocus.com/bid/45998/info The WP Featured Post with Thumbnail Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input...

6.7AI score
Exploits0
Rows per page
Query Builder