WordPress Illdy theme <= 2.1.6 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Illdy theme versions <= 2.1.6. Solution: Update the WordPress Illdy theme to the latest available version (at least 2.1.7)...
WordPress Regina Lite theme <= 2.0.5 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Regina Lite theme versions <= 2.0.5. Solution: Update the WordPress Regina Lite theme to the latest available version (at least 2.0.6)...
WordPress Antreas theme <= 1.0.6 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Antreas theme versions <= 1.0.6. Solution: Update the WordPress Antreas theme to the latest available version (at least 1.0.7)...
WordPress Pixova Lite theme <=2.0.6 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Pixova Lite theme versions <=2.0.6. Solution: Update the WordPress Pixova Lite theme to the latest available version (at least 2.0.7)...
WordPress Transcend theme <= 1.1.9 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Transcend theme versions <= 1.1.9. Solution: Update the WordPress Transcend theme to the latest available version (at least 1.2.0)...
WordPress Brilliance theme <=1.2.9 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Brilliance theme versions <=1.2.9. Solution: Update the WordPress Brilliance theme to the latest available version (at least 1.3.0)...
WordPress NatureMag Lite theme <=1.0.4 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress NatureMag Lite theme versions <=1.0.4. Solution: Theme removed from the WordPress theme repository...
WordPress Affluent theme <= 1.1.1 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Affluent theme versions <= 1.1.1. Solution: Update the WordPress Affluent theme to the latest available version (at least 1.1.2)...
WordPress Bonkers theme <= 1.0.5 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Bonkers theme versions <= 1.0.5. Solution: Update the WordPress Bonkers theme to the latest available version (at least 1.0.6)...
Multiple Themes - Unauthenticated Function Injection
Jerome Bruandet, from nintechnet, discovered numerous themes affected by Unauthenticated Function Injection issues, due to the lack of capability and CSRF nonce checks in AJAX actions. The naturemag-lite theme partially fixed the issues in v1.0.5, however it has been removed from the WordPress...
DLL Hijacking Vulnerability in Knock Knock pc Client Software
Jingdongdong is the official communication platform between customers, merchants and Jingdong, providing a channel for customers and merchants to give feedback. A DLL hijacking vulnerability exists in the Knockturn pc client software, which can be exploited by an attacker to inject an executable...
Design/Logic Flaw
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
CVE-2008-4810
The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a double quoted literal string, aka a "function...
Injection vulnerability caused by the tsUrlCheck() function in ThinkSAAS
No description provided by source...
[VulnWatch] Mysql CREATE FUNCTION mysql.func table arbitrary library injection
Mysql CREATE FUNCTION mysql.func table arbitrary library injection. Author: Stefano Di Paola. Vulnerable: Mysql <= 4.0.23, 4.1.10. Type of Vulnerability: Local/Remote Privileges Escalation - input validation. Tested On: Mandrake 10.1 / Debian Sarge. Vendor Status: Notified on March 2005. Description...