71 matches found
EUVD-2010-1400
Malware in sbrugna...
EUVD-2021-11216
Malware in sbrugna...
EUVD-2012-1033
Malware in sbrugna...
CVE-2021-24302
The Hana Flv Player WordPress plugin through 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the 'Default Skin' field...
CVE-2012-10011
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hdaddmedia/hdupdatemedia of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely...
WordPress ZD YouTube FLV Player plugin <= 1.2.6 - Server-Side Request Forgery vulnerability
Server-Side Request Forgery vulnerability discovered by Mike in WordPress Plugin ZD YouTube FLV Player versions = 1.2.6...
CVE-2024-2663 ZD YouTube FLV Player <= 1.2.6 - Server-Side Request Forgery
The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $GET'image' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...
CVE-2024-2663 ZD YouTube FLV Player <= 1.2.6 - Server-Side Request Forgery
The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $GET'image' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...
WordPress ZD YouTube FLV Player Plugin <= 1.2.6 is vulnerable to Server Side Request Forgery (SSRF)
Software ZD YouTube FLV Player Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-2663 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 49305c6b35a4 Credits Mike Required privile...
WordPress plugin ZD YouTube FLV Player 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
Sql injection
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hdaddmedia/hdupdatemedia of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely...
CVE-2012-10011
CVE-2012-10011 describes a SQL injection in HD FLV PLayer Plugin for WordPress (versions up to 1.7) via the hd_add_media/hd_update_media functions in functions.php. The vulnerability can be triggered remotely by manipulating the name argument, potentially enabling data exposure or modification. A...
WordPress Plugin HD FLV PLayer SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Hana Flv Player Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Hana Flv Player 3.1.3, which is caused by XS...
CVE-2021-24302
The Hana Flv Player WordPress plugin through 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the 'Default Skin' field...
CVE-2021-24302
The Hana Flv Player WordPress plugin through 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the 'Default Skin' field...
Cross site scripting
The Hana Flv Player WordPress plugin through 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the 'Default Skin' field...
CVE-2021-24302
CVE-2021-24302 affects the Hana Flv Player WordPress plugin up to version 3.1.3. It is an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the Default Skin field, meaning an authenticated user can store a payload that executes in the context of other users. Several sources (includ...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Hana Flv Player 3.1.3, which is caused by XS...
WordPress Hana Flv Player plugin <= 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Kishore Hariram in WordPress Hana Flv Player plugin versions = 3.1.3. Solution No patched version is available. The last version was released 8 years ago...