Exploit for Improper Restriction of XML External Entity Reference in Wordpress

CVE-2021-29447-PoC Overview CVE-2021-29447 is an XML Exte...

EUVD-2007-1032

Malware in sbrugna...

EUVD-2021-2270

Malware in sbrugna...

VulnCheck KEV: CVE-2014-4535

Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...

getID3 is vulnerable to XML External Entity (XXE)

getID3 before 1.9.9, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack...

GHSA-5V43-55M5-QR8F getID3 is vulnerable to XML External Entity (XXE)

getID3 before 1.9.9, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack...

GHSA-X2GW-85W6-FJJW Cross-site scripting in demos/demo.mysqli.php in getID3

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

Cross-site scripting in demos/demo.mysqli.php in getID3

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

DEBIAN-CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

UBUNTU-CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2021-40926

CVE-2021-40926 is an XSS vulnerability in the GetID3 project. Affects demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta, where the showtagfiles parameter may be abused to inject arbitrary script/HTML. Descriptions across multiple registries (NVD, OSV, GHSA, UBUNTU, Nessus) confirm the issue but...

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

GetId3 跨站脚本漏洞

GetId3 is used to extract useful information from Mp3 or other media files. A cross-site scripting vulnerability in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

CVE-2014-4535

Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...