WordPress Google Maps <7.11.18 - SQL Injection

WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin includes /class.rest-api.php in the REST API and does not sanitize field names before a SELECT statement. An attacker can possibly obtain sensitive information from a database, modify data, and execute...

CVE-2010-0330

SQL injection vulnerability in the Googlemaps for ttnews jfeasymaps extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

EUVD-2010-0361

Malware in sbrugna...

EUVD-2013-7193

Malware in sbrugna...

EUVD-2013-7194

Malware in sbrugna...

EUVD-2013-7197

Malware in sbrugna...

EUVD-2013-7196

Malware in sbrugna...

EUVD-2013-7192

Malware in sbrugna...

EUVD-2014-9494

Malware in sbrugna...

EUVD-2013-7195

Malware in sbrugna...

CVE-2018-10138

The CATALooK.netStore module through 7.2.8 for DNN formerly DotNetNuke allows XSS via the /ViewEditGoogleMaps.aspx PortalID or CATSkin parameter, or the /ImageViewer.aspx link or desc parameter...

CVE-2014-9686

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugingooglemap3kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428...

Design/Logic Flaw

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugingooglemap3kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428...

CVE-2014-9686

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugingooglemap3kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428...

CVE-2014-9686

CVE-2014-9686 relates to the Joomla! Googlemaps plugin (versions 3.2 and earlier). An attacker who controls a sub-domain of the victim’s domain can trigger a denial of service by supplying a crafted value to the file plugin_googlemap3_kmlprxy.php via the url parameter. The issue is noted as a con...

Design/Logic Flaw

The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugingooglemap2proxy.php...

CVE-2013-7429

The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugingooglemap2proxy.php...

CVE-2013-7429

The CVE-2013-7429 entry describes a vulnerability in the Joomla! Googlemaps plugin prior to version 3.1. The vulnerability arises from an XML injection via the url parameter to plugin_googlemap2_proxy.php, enabling remote attackers to craft malicious XML data. The affected component is the Google...

CVE-2013-7429

The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugingooglemap2proxy.php...

PT-2017-5751 · Joomla · Googlemaps Plugin

Name of the Vulnerable Software and Affected Versions: Googlemaps plugin for Joomla! versions prior to 3.1 Description: The issue allows remote attackers to conduct XML injection attacks. This is achieved by exploiting the url parameter in the plugin googlemap2 proxy.php file. Recommendations: Fo...