16 matches found
WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...
EUVD-2016-1078
Malware in sbrugna...
EUVD-2016-1079
Malware in sbrugna...
Wordpress hdw-tube plugin cross-site scripting vulnerability (CNVD-2016-09347)
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in Wordpress hdw-tube plugin version 1.2. An attacker can exploit...
Wordpress hdw-tube plugin cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in Wordpress hdw-tube plugin version 1.2. An attacker can exploit...
CVE-2016-1000135
Reflected XSS in wordpress plugin hdw-tube v1.2...
CVE-2016-1000135
Reflected XSS in wordpress plugin hdw-tube v1.2...
CVE-2016-1000134
Reflected XSS in wordpress plugin hdw-tube v1.2...
CVE-2016-1000134
Reflected XSS in wordpress plugin hdw-tube v1.2...
Cross site scripting
Reflected XSS in wordpress plugin hdw-tube v1.2...
Cross site scripting
Reflected XSS in wordpress plugin hdw-tube v1.2...
CVE-2016-1000135
The connected template confirms a Cross-Site Scripting (XSS) vulnerability in WordPress HDW Video Gallery plugin versions 1.2 and earlier, exploitable via mychannel.php (HDW Tube plugin). Successful exploitation allows arbitrary script execution in a user’s browser, potentially enabling session h...
CVE-2016-1000134
WordPress HDW Video Gallery = 1.3, which contains the fix. No additional exploit details are provided in the supplied documents.
CVE-2016-1000135
Reflected XSS in wordpress plugin hdw-tube v1.2...
WordPress HDW Tube Plugin <= 1.2 - Reflected XSS
This plugin is prone to a cross site scripting vulnerability via /hdw-tube/mychannel.php file. Solution Update the plugin...
HDW WordPress Video Gallery <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The hdw-tube WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/hdw-tube/playlist.php?playlist=""...