Lucene search
+L

39 matches found

Prion
Prion
added 2014/10/01 2:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter...

4.3CVSS6.2AI score0.07062EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2014/10/01 2:0 p.m.25 views

CVE-2011-4624

Cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter...

5.8AI score0.07062EPSS
Exploits1References7
CVE
CVE
added 2014/10/01 2:0 p.m.79 views

CVE-2011-4624

The CVE-2011-4624 entry refers to a Cross-Site Scripting (XSS) flaw in the WordPress GRAND FlAGallery plugin (flash-album-gallery) specifically in facebook.php, exploitable before version 1.57 via the i parameter. Connected documents (e.g., NUCLEI template and OpenVAS entry) corroborate this XSS ...

4.3CVSS6AI score0.07062EPSS
Exploits1References7Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.9 views

GRAND FlAGallery Skins - compact_music_player/gallery.php playlist Parameter SQL Injection

The flagallery-skins WordPress plugin was affected by a compactmusicplayer/gallery.php playlist Parameter SQL Injection security vulnerability...

2.5AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.15 views

GRAND Flash Album Gallery 2.55 - "gid" SQL Injection

The Album and Image Gallery with Lightbox – Flagallery Photo Portfolio WordPress plugin was affected by a "gid" SQL Injection security vulnerability...

2.2AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.13 views

GRAND Flash Album Gallery <= 1.56 - XSS

The Album and Image Gallery with Lightbox – Flagallery Photo Portfolio WordPress plugin was affected by a XSS security vulnerability...

2.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.16 views

GRAND Flash Album Gallery 0.55 - lib/hitcounter.php pid Parameter SQL Injection

The Album and Image Gallery with Lightbox – Flagallery Photo Portfolio WordPress plugin was affected by a lib/hitcounter.php pid Parameter SQL Injection security vulnerability...

2.2AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.6 views

GRAND Flash Album Gallery - Multiple Vulnerabilities

The Album and Image Gallery with Lightbox – Flagallery Photo Portfolio WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...

1.9AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.22 views

GRAND Flash Album Gallery 0.55 - admin/news.php want2Read Parameter Traversal Arbitrary File Access

The Album and Image Gallery with Lightbox – Flagallery Photo Portfolio WordPress plugin was affected by an admin/news.php want2Read Parameter Traversal Arbitrary File Access security vulnerability...

2.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.21 views

WordPress GRAND FlAGallery Plugin - SQL Injection

This plugin is prone to an SQL injection vulnerability in compactmusicplayer/gallery.php playlist parameter. Solution Upgrade the plugin...

2.6AI score
Exploits0References1Affected Software1
NVD
NVD
added 2013/06/01 2:21 p.m.15 views

CVE-2013-3261

Cross-site scripting XSS vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action...

4.3CVSS5.8AI score0.01615EPSS
Exploits0References2
Prion
Prion
added 2013/06/01 2:21 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action...

4.3CVSS6.2AI score0.01615EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/06/01 10:0 a.m.22 views

CVE-2013-3261

Cross-site scripting XSS vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action...

5.8AI score0.01615EPSS
Exploits0References2
CVE
CVE
added 2013/06/01 10:0 a.m.41 views

CVE-2013-3261

CVE-2013-3261 affects the WordPress GRAND FlAGallery plugin, specifically versions before 2.72. The vulnerability is a reflected XSS in wp-admin/admin.php where an attacker can inject arbitrary script/HTML through the s parameter in a flag-manage-gallery action. The issue is caused by insufficien...

4.3CVSS6AI score0.01615EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2013/05/22 12:0 a.m.22 views

Wordpress Flagallery-Skins SQL Injection

Exploit Title : Wordpress Flagallery-skins plugin SQL Injection Exploit Author : Ashiyane Digital Security Team Home : www.ashiyane.org Security Risk : Medium Dork : inurl:/wp-content/plugins/flagallery-skins/compactmusicplayer/gallery.php?playlist= Tested on: Linux...

Exploits0
Patchstack
Patchstack
added 2013/04/22 12:0 a.m.19 views

WordPress GRAND FlAGallery Plugin <= 2.71 - XSS

Because of this vulnerability in wp-admin/admin.php, the attackers can inject arbitrary web script or HTML via the "s" parameter in a flag-manage-gallery action. Solution Update the plugin...

4.3CVSS2.9AI score0.01615EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2011/12/12 12:0 a.m.20 views

WordPress Grand FlAGallery Plugin 1.57 - Cross Site Scripting

WordPress Grand FlAGallery plugin's "flagshow.php" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker c...

4.3CVSS2.5AI score0.07062EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2011/12/12 12:0 a.m.13 views

WordPress Plugin GRAND FlAGallery 1.57 - flagshow.php Cross-Site Scripting

WordPress Plugin GRAND FlAGallery 1.57 - flagshow.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51012/info GRAND FlAGallery plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverag...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/12 12:0 a.m.28 views

WordPress Plugin GRAND FlAGallery 1.57 - &#039;flagshow.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/51012/info GRAND FlAGallery plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
Rows per page
Query Builder