35 matches found
EUVD-2013-5511
Malware in sbrugna...
EUVD-2024-23228
Malicious code in bioql PyPI...
WordPress Testimonial plugin <= 2.3 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by ch4r0n in WordPress Plugin IndiaNIC Testimonial versions = 2.3...
CVE-2024-25926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1...
CVE-2024-25926 WordPress Widgets Controller plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1...
CVE-2024-25926
CVE-2024-25926 affects the WordPress Widgets Controller plugin (versions <= 1.1). The vulnerability is an Unauthenticated Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation, enabling reflected XSS. Public sources consistently describe this as a WordPr...
PT-2024-21219 · Indianic · Indianic Widgets Controller
Name of the Vulnerable Software and Affected Versions: IndiaNIC Widgets Controller versions 1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker...
IndiaNIC FAQs Manager 1.0 - Blind SQL Injection
The faqs-manager WordPress plugin was affected by a Blind SQL Injection security vulnerability...
IndiaNIC FAQs Manager 1.0 - Ask Question Form question Parameter XSS
The faqs-manager WordPress plugin was affected by an Ask Question Form question Parameter XSS security vulnerability...
IndiaNIC Testimonial 2.2 - iNIC_testimonial_save Action Multiple Parameter XSS
The Testimonial WordPress plugin was affected by an iNICtestimonialsave Action Multiple Parameter XSS security vulnerability...
Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities
No description provided by source...
WordPress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection
No description provided by source. Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin Blind SQL Injection Google Dork: inurl:wp-content/plugins/faqs-manager Date: 21.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage:...
WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities
No description provided by source. html !-- Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin CSRF + XSS Google Dork: inurl:wp-content/plugins/faqs-manager Date: 21.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage:...
CVE-2013-5673
SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the customquery parameter in a testimonialadd action to wp-admin/admin-ajax.php...
Sql injection
SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the customquery parameter in a testimonialadd action to wp-admin/admin-ajax.php...
CVE-2013-5672
IndiaNIC Testimonial plugin 2.2 for WordPress is affected by multiple CSRF vulnerabilities that let remote attackers hijack administrator sessions via actions like iNIC_testimonial_save, iNIC_testimonial_save_listing_template, and iNIC_testimonial_save_widget, as well as inject XSS through numero...
CVE-2013-5673
CVE-2013-5673 concerns the WordPress plugin IndiaNIC Testimonial 2.2 , specifically a SQL injection in the file testimonial.php. The vulnerability allows remote attackers to craft a request through the testimonial_add action to wp-admin/admin-ajax.php, abusing the custom_query parameter to execut...
CVE-2013-5672
Multiple cross-site request forgery CSRF vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add a testimonial via an iNICtestimonialsave action; 2 add a listing template via an...
CVE-2013-5673
SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the customquery parameter in a testimonialadd action to wp-admin/admin-ajax.php...
IndiaNIC Testimonail WP plugin - Multiple vulnerabilities
Details ======================== Application: Testimonial Version: 2.2 Type: Wordpress plugin Vendor: IndiaNIC Vulnerability: - XSS CWE-79 - CSRF CWE-352 - SQL Injection CWE-89 Description ======================== Testimonial Plugin allows you to add, delete, edit and place what others said about...