14 matches found
EUVD-2014-2370
Malware in sbrugna...
Lazyest Gallery <= 1.1.20 - EXIF Script Insertion
The Lazyest Gallery WordPress plugin was affected by an EXIF Script Insertion security vulnerability...
Lazyest Gallery 0.10.4.3 - Multiple File/Directory Insecure Permissions Local Content Manipulation
The Lazyest Gallery WordPress plugin was affected by a Multiple File/Directory Insecure Permissions Local Content Manipulation security vulnerability...
WordPress Lazyest Gallery Plugin <= 0.10.4.3 - Content Manipulation
This plugin is prone to multiple file/directory insecure permissions local content manipulation. Solution Update the plugin...
CVE-2014-2333
Cross-site scripting XSS vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information...
CVE-2014-2333
CVE-2014-2333 affects the WordPress plugin Lazyest Gallery (pre-1.1.21). The vulnerability is a stored/reflected XSS via an EXIF tag in the image handling code, enabling remote attackers to inject arbitrary script or HTML. Public details come from NVD/NVD-related feeds and WPVulnDB entries; explo...
WordPress Lazyest Gallery Plugin <= 1.1.20 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via an EXIF tag. Solution Update the plugin...
WordPress Plugin Lazyest Gallery 1.0.26 - image Cross-Site Scripting
WordPress Plugin Lazyest Gallery 1.0.26 - image Cross-Site Scripting source: https://www.securityfocus.com/bid/46823/info The Lazyest Gallery WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
WordPress Lazyest Gallery Plugin 1.0.26 - Cross-Site Scripting
This WordPress Lazyest Gallery plugin's "image" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can...
HTB22874: Path disclosure in Lazyest Gallery wordpress plugin
Vulnerability ID: HTB22874 Reference: http://www.htbridge.ch/advisory/pathdisclosureinlazyestgallerywordpressplugin.html Product: Lazyest Gallery wordpress plugin Vendor: Brimosoft http://brimosoft.nl/ Vulnerable Version: 1.0.26 Vendor Notification: 24 February 2011 Vulnerability Type: Path...
HTB22875: XSS in Lazyest Gallery wordpress plugin
Vulnerability ID: HTB22875 Reference: http://www.htbridge.ch/advisory/xssinlazyestgallerywordpressplugin.html Product: Lazyest Gallery wordpress plugin Vendor: Brimosoft http://brimosoft.nl/ Vulnerable Version: 1.0.26 Vendor Notification: 24 February 2011 Vulnerability Type: XSS Cross Site...
Lazyest Gallery 1.0.26 Cross Site Scripting / Path Disclosure
================================ Vulnerability ID: HTB22875 Reference: http://www.htbridge.ch/advisory/xssinlazyestgallerywordpressplugin.html Product: Lazyest Gallery wordpress plugin Vendor: Brimosoft http://brimosoft.nl/ Vulnerable Version: 1.0.26 Vendor Notification: 24 February 2011...
Multiple Vulnerabilities in Lazyest Gallery
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Lazyest Gallery which could be exploited to perform cross-site scripting attacks and disclose potentially sensitive information. 1 Cross-site scripting XSS vulnerability in Lazyest Gallery The vulnerability exists due to...