EUVD-2013-7183

Malware in sbrugna...

EUVD-2014-1040

Malware in sbrugna...

EUVD-2014-1039

Malware in sbrugna...

CVE-2014-100009

The Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to obtain the installation path via a request to 1 functions.php, 2 myCalendar.php, 3 refreshDate.php, 4 showimage.php, 5 widget.php, 6 phpthumb/GdThumb.inc.php, or 7...

Wordpress plugin Joomlaskin JS Multi Hotel cross-site scripting vulnerability

WordPress is a blogging platform developed by WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Joomlaskin JS Multi Hotel plugin is a hotel management plugin. A cross-site scripting vulnerability in the Wordpress plug...

CVE-2014-100009

The Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to obtain the installation path via a request to 1 functions.php, 2 myCalendar.php, 3 refreshDate.php, 4 showimage.php, 5 widget.php, 6 phpthumb/GdThumb.inc.php, or 7...

CVE-2014-100008

Cross-site scripting XSS vulnerability in includes/deleteimg.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter...

Path traversal

The Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to obtain the installation path via a request to 1 functions.php, 2 myCalendar.php, 3 refreshDate.php, 4 showimage.php, 5 widget.php, 6 phpthumb/GdThumb.inc.php, or 7...

Cross site scripting

Cross-site scripting XSS vulnerability in includes/deleteimg.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter...

CVE-2014-100008

The CVE concerns the WordPress plugin JS Multi Hotel (aka JS MultiHotel/Js-Multi-Hotel) and its file includes/delete_img.php. The vulnerability is a cross-site scripting flaw (XSS) that allows remote attackers to inject arbitrary web script or HTML via the path parameter in versions up to 2.2.1 a...

CVE-2014-100008

Cross-site scripting XSS vulnerability in includes/deleteimg.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter...

CVE-2014-100009

Affected software: WordPress plugin JS Multi Hotel (aka JS MultiHotel, Js-Multi-Hotel), version 2.2.1 and earlier. Vulnerability: path disclosure via direct requests to multiple PHP files (functions.php, myCalendar.php, refreshDate.php, show_image.php, widget.php, phpthumb/GdThumb.inc.php, phpthu...

CVE-2014-100009

The Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 and earlier for WordPress allows remote attackers to obtain the installation path via a request to 1 functions.php, 2 myCalendar.php, 3 refreshDate.php, 4 showimage.php, 5 widget.php, 6 phpthumb/GdThumb.inc.php, or 7...

CVE-2013-7419

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...

CVE-2013-7419

CVE-2013-7419 refers to a reflected XSS in the WordPress plugin Joomlaskin JS Multi Hotel (JS Multi Hotel) 2.2.1. The vulnerability is triggered in includes/refreshDate.php via the roomid parameter, allowing arbitrary web script/HTML injection in the user’s browser. The available documents identi...

Vulnerabilities in Js-Multi-Hotel for WordPress

Hello 3APA3A! These are vulnerabilities in Js-Multi-Hotel plugin for WordPress. ------------------------- Affected products: ------------------------- Vulnerable are Js-Multi-Hotel 2.2.1 and previous versions. ------------------------- Affected vendors: ------------------------- Joomlaskin...

Multiple vulnerabilities in Js-Multi-Hotel for WordPress

Hello 3APA3A! There are multiple vulnerabilities in Js-Multi-Hotel plugin for WordPress. Earlier I wrote about two other vulnerabilities. These are Abuse of Functionality, Denial of Service, Cross-Site Scripting and Full path disclosure vulnerabilities in Js-Multi-Hotel plugin for WordPress. Ther...

WordPress Js-Multi-Hotel 2.2.1 XSS / DoS / Disclosure / Abuse

Hello list! There are multiple vulnerabilities in Js-Multi-Hotel plugin for WordPress. Earlier I wrote about two other vulnerabilities. These are Abuse of Functionality, Denial of Service, Cross-Site Scripting and Full path disclosure vulnerabilities in Js-Multi-Hotel plugin for WordPress. There...