591 matches found
CAC Featured Content 0.8 - Shell Upload
The CAC Featured Content WordPress plugin was affected by a Shell Upload security vulnerability...
Featured Comments 1.2.1 - wp-admin/admin-ajax.php Comment Status Manipulation CSRF
The Featured Comments WordPress plugin was affected by a wp-admin/admin-ajax.php Comment Status Manipulation CSRF security vulnerability...
Shopping Cart Script with Affiliate Program SQL Injection
No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Shopping Cart Script with Affiliate Program SQL Injection Vendor url:http://www.yourfreeworld.com Version:n/a Price:399$ Published: 2010-06-19 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue,...
Real Estate SQL Injection Vulnerability
No description provided by source. Description Linux And window Version available: This software is available in both windows and linux version. It runs on asp and php extension. Listings: We can add unlimited property listing, with the property photo. System automatically creates three thumbnail...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...
CVE-2014-4163
The CVE-2014-4163 entry documents a CSRF vulnerability in the WordPress Featured Comments plugin (version 1.2.1). The issue allows an attacker to hijack administrator-authenticated requests to wp-admin/admin-ajax.php to change a comment’s status (buried/featured). Affected software: Featured Comm...
CVE-2014-4163
Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...
WordPress Plugin Featured Comments - Cross-Site Request Forgery
WordPress Plugin Featured Comments - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/67955/info Featured Comments plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized...
WordPress Featured Comments Plugin - Cross Site Request Forgery
Featured Comments plugin is prone to a cross-site request forgery vulnerability that allows an attacker to perform certain actions in the context of a logged-in user of the affected application. Solution Update the plugin...
Debian DSA-2913-1 : drupal7 - security update
An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to othe...
Fedora Update for gajim FEDORA-2013-4205
Check for the Version of gajim OpenVAS Vulnerability Test Fedora Update for gajim FEDORA-2013-4205 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Wordpress CAC Featured Content 0.8 File Upload
File upload vulnerability in Wordpress CAC Featured Content plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
Design/Logic Flaw
The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving...
Design/Logic Flaw
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/featured-applications/ and certain oth...
WordPress Plugin timthumb.php Shell Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
Multiple WordPress Plugins - 'timthumb.php' File Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
WordPress Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Collision Testimonials plugin = 3.0 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/collision-testimonials.zip Version: 3.0...
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...
WordPress Featured Content Plugin 0.0.1 - Cross-Site Scripting Vulnerability
Featured Content plugin's "listid" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...
WordPress Plugin WP Featured Post with Thumbnail 3.0 - src Cross-Site Scripting
WordPress Plugin WP Featured Post with Thumbnail 3.0 - src Cross-Site Scripting source: https://www.securityfocus.com/bid/45998/info The WP Featured Post with Thumbnail Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input...