Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-5078

Malware in sbrugna...

6.5CVSS6.3AI score0.0237EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-53183

Malicious code in bioql PyPI...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:5 a.m.7 views

CVE-2023-49178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 a.m.7 views

CVE-2014-5180

SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...

6.5CVSS8.3AI score0.0237EPSS
Exploits1References1
NVD
NVD
added 2023/12/15 3:15 p.m.17 views

CVE-2023-49178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

7.1CVSS0.00403EPSS
Exploits0References1
Prion
Prion
added 2023/12/15 3:15 p.m.18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

5.8CVSS7.1AI score0.00403EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/15 2:40 p.m.27 views

CVE-2023-49178 WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2023/12/15 2:40 p.m.74 views

CVE-2023-49178

CVE-2023-49178 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin HDW Player Plugin (Video Player & Video Gallery) . The issue is caused by improper neutralization of input during web page generation, enabling a Reflected XSS. Affected software: HDW Player Plugin (Video ...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.5 views

WordPress Plugin HDW Player Plugin Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00403EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.22 views

HDW Player Plugin (Video Player & Video Gallery) <= 5.0 - Cross-Site Scripting

Description The HDW Player Plugin Video Player & Video Gallery plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.1CVSS6.5AI score0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/11/29 12:0 a.m.15 views

WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)

Software HDW Player Plugin Video Player & Video Gallery Type Plugin Vulnerable versions = 5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-49178 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 27d63d522c9...

7.1CVSS5.6AI score0.00403EPSS
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2017/10/24 12:0 a.m.22 views

HDW Player,4.0.0, RCE

HDW Player,4.0.0 and all other versions, remote code execution Note that this vulnerabilitiy was supposedly fixed by the developer in version 3.2.2, the fact that this issue has arisen again suggests that the developer is aware of it and has created a deliberate back door. The VEL believe that th...

4.7AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/04/13 12:0 a.m.1 views

WordPress HDW Player Plugin SQL Injection Vulnerability

HDW Player is an application plugin available on the official WordPress Store that provides streaming media playback services. The WordPress HDW Player plugin suffers from a SQL injection vulnerability, which is exploited by attackers to read sensitive information in the database...

7.6AI score
Exploits0References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2016/10/24 12:0 a.m.18 views

HDW Player, 3.2.1 and older

HDW Player, 3.2.1 and older including 3.1 and 3.0 Remote code execution Please see https://vel.joomla.org/vel-blog/2033-hdw-player-4-0-0-rce for further information...

7.4AI score
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2014/09/19 5:51 a.m.18 views

HDW Player 2.4.2 - wp-admin/admin.php videos Page id Parameter SQL Injection

The HDW Player Plugin Video Player & Video Gallery WordPress plugin was affected by a wp-admin/admin.php videos Page id Parameter SQL Injection security vulnerability...

6.5CVSS2AI score0.0237EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2014/08/06 7:55 p.m.18 views

CVE-2014-5180

SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...

6.5CVSS8AI score0.0237EPSS
Exploits1References2
Prion
Prion
added 2014/08/06 7:55 p.m.15 views

Sql injection

SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...

6.5CVSS8.6AI score0.0237EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/08/06 7:0 p.m.17 views

CVE-2014-5180

SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...

8AI score0.0237EPSS
Exploits1References2
CVE
CVE
added 2014/08/06 7:0 p.m.41 views

CVE-2014-5180

The CVE-2014-5180 vulnerability affects the WordPress HDW Player Plugin (Video Player & Video Gallery) version 2.4.2. The flaw is a SQL injection in the videos page caused by an id parameter in the wp-admin/admin.php edit action, allowing remote authenticated administrators to execute arbitrary S...

6.5CVSS8.3AI score0.0237EPSS
Exploits1References2Affected Software1
Exploit DB
Exploit DB
added 2014/05/28 12:0 a.m.39 views

WordPress Plugin HDW Player - &#039;/wp-admin/admin.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/69105/info The WordPress HDW Player plugin Video Player & Video Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromi...

7.4AI score
Exploits0
Rows per page
Query Builder