14 matches found
EUVD-2014-5078
Malware in sbrugna...
EUVD-2023-53183
Malicious code in bioql PyPI...
CVE-2023-49178
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...
CVE-2014-5180
SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...
CVE-2023-49178
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...
CVE-2023-49178 WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...
CVE-2023-49178
CVE-2023-49178 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin HDW Player Plugin (Video Player & Video Gallery) . The issue is caused by improper neutralization of input during web page generation, enabling a Reflected XSS. Affected software: HDW Player Plugin (Video ...
HDW Player Plugin (Video Player & Video Gallery) <= 5.0 - Cross-Site Scripting
Description The HDW Player Plugin Video Player & Video Gallery plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)
Software HDW Player Plugin Video Player & Video Gallery Type Plugin Vulnerable versions = 5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-49178 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 27d63d522c9...
CVE-2014-5180
SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...
Sql injection
SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...
CVE-2014-5180
SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...
CVE-2014-5180
The CVE-2014-5180 vulnerability affects the WordPress HDW Player Plugin (Video Player & Video Gallery) version 2.4.2. The flaw is a SQL injection in the videos page caused by an id parameter in the wp-admin/admin.php edit action, allowing remote authenticated administrators to execute arbitrary S...