17 matches found
CVE-2022-0380
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
EUVD-2010-5173
Malware in sbrugna...
EUVD-2022-15529
Malicious code in bioql PyPI...
CVE-2010-5214
Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file. NOTE: some of these details are obtained from third party...
CVE-2022-0380
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
CVE-2022-0380
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
Cross site scripting
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting
The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...
CVE-2022-0380
The CVE-2022-0380 entry concerns the Fotobook WordPress plugin (vulnerable through 3.2.3) with a Reflected Cross‑Site Scripting flaw. The root cause is insufficient escaping and the use of $_SERVER['PHP_SELF'] in ~/options-fotobook.php, enabling injection of arbitrary scripts onto the page. Affec...
WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...
WordPress Fotobook plugin <= 3.2.3 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Fotobook plugin versions = 3.2.3. Solution Deactivate and delete. This plugin has been closed as of January 27, 2022 and is not available for download. This closure is temporary, pending a full review...
Fotobook <= 3.2.3 - Reflected Cross-Site Scripting
The plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page...
CVE-2010-5214
Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file. NOTE: some of these details are obtained from third party...
Design/Logic Flaw
Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file. NOTE: some of these details are obtained from third party...
CVE-2010-5214
Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file. NOTE: some of these details are obtained from third party...
CVE-2010-5214
CVE-2010-5214 affects Fotobook Editor 5.0 2.8.0.1 and is caused by an untrusted search path (DLL hijacking) where a Trojan horse Fwpuclnt.dll in the current working directory enables local privilege escalation, demonstrated by a directory containing a .dtp file. The provided sources corroborate t...