Lucene search
K

705 matches found

WPVulnDB
WPVulnDB
added 2017/07/04 12:0 a.m.17 views

Responsive Lightbox by dFactory <= 1.7.1 - Authenticated Cross-Site Scripting (XSS)

The Responsive Lightbox & Gallery WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.7AI score0.0145EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2016/11/13 12:0 a.m.12 views

Lightbox <= 1.6.7 - Cross-Site Scripting (XSS)

The lightbox WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

1.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2016/07/19 12:0 a.m.5 views

WordPress Form Lightbox Plugin - BYPASS

This vulnerability allows the attackers to update any option in the WordPress database. It includes gaining an admin access. Solution There is no fix, because this plugin is no longer in the WordPress repository...

3.4AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2016/07/19 12:0 a.m.13 views

Form Lightbox - Arbitrary Option Update Leading to Admin Account

This is a plugin that is no longer in the WordPress repository, however, is still in use on some sites. With this vulnerability an attacker can update any option in the WordPress database. This includes gaining an admin access. Using the file ajax.php that contains the following line: updateoptio...

0.4AI score
Exploits0References2
WPVulnDB
WPVulnDB
added 2016/04/05 12:0 a.m.35 views

Lightbox Plus <= 2.7.2 - CSRF to XSS

The lightbox-plus WordPress plugin was affected by a CSRF to XSS security vulnerability...

4.3CVSS1.9AI score0.00515EPSS
Exploits1Affected Software1
Drupal
Drupal
added 2015/10/07 12:0 a.m.21 views

Colorbox - Access bypass - Less Critical - SA-CONTRIB-2015-156

This module allows for integration of Colorbox, a jQuery lightbox plugin, into Drupal. The module allows unprivileged users to add unexpected content to a Colorbox, including content from external sites. This allows an unprivileged user to deface a site. This vulnerability is mitigated by the fac...

3.5CVSS6.2AI score0.00866EPSS
Exploits0References10
CNVD
CNVD
added 2015/08/25 12:0 a.m.9 views

PHP Kobo Photo Gallery CMS for PC/smartphone and feature phone Cross Site Scripting Vulnerability

PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone is a photo gallery content management system CMS for PC, smartphone and feature phone from PHP Kobo Japan. A cross-site scripting vulnerability exists in the jquery.lightbox-0.5.min.js file in PHP Kobo Photo Gallery CMS for PC,...

4.3CVSS6.3AI score0.01171EPSS
Exploits0References1
Patchstack
Patchstack
added 2015/05/14 12:0 a.m.14 views

WordPress WP Video Lightbox Plugin <= 1.7.4 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

1.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/14 12:0 a.m.12 views

WordPress Responsive Lightbox Plugin <= 1.4.11 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

1.8AI score
Exploits0References1Affected Software1
Dsquare
Dsquare
added 2015/05/01 12:0 a.m.64 views

WordPress 3.5.1 Lightbox Plus RCE

Remote Code Execution in the Wordpress core using maybeunserialize and the simplehtmldomnode class Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

0.9AI score
Exploits0
Patchstack
Patchstack
added 2015/04/16 12:0 a.m.15 views

WordPress FooBox Image Lightbox Plugin <= 1.0.4 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update this plugin...

2.3AI score
Exploits0Affected Software1
CNVD
CNVD
added 2015/01/08 12:0 a.m.3 views

WordPress plugin Lightbox Photo Gallery suffers from multiple cross-site request forgery vulnerabilities

WordPress is a use of PHP language development of blogging platform , users can support PHP and MySQL database server set up their own weblog . Lightbox Photo Gallery plugin is to provide automatic generation of thumbnails , watermarks , the use of slideshow way to view pictures and other feature...

6.8CVSS7AI score0.01015EPSS
Exploits1References1
NVD
NVD
added 2015/01/02 7:59 p.m.16 views

CVE-2014-9441

Multiple cross-site request forgery CSRF vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via...

6.8CVSS6.7AI score0.01015EPSS
Exploits1References2
Prion
Prion
added 2015/01/02 7:59 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via...

6.8CVSS7AI score0.01015EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2015/01/02 7:0 p.m.44 views

CVE-2014-9441

The CVE-2014-9441 entry concerns the WordPress Lightbox Photo Gallery 1.0 plugin, which is vulnerable to multiple CSRF (and associated XSS) flaws. According to the sources, remote attackers can hijack administrator authentication to perform actions such as changing plugin settings via unspecified...

6.8CVSS6.8AI score0.01015EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2015/01/02 12:0 a.m.16 views

WordPress Lightbox Photo Gallery Plugin <= 1.0 - Multiple CSRF and XSS

Because of these cross site request forgery vulnerabilities, the attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution Update the plugin...

6.8CVSS3.2AI score0.01015EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2014/12/12 12:0 a.m.21 views

WordPress Lightbox Photo Gallery 1.0 CSRF / XSS

Title: WordPress 'Lightbox Photo Gallery' plugin - CSRF/XSS Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/lightbox-photo-gallery/ Notified WordPress: 2014/11/27...

0.5AI score
Exploits0
0day.today
0day.today
added 2012/11/23 12:0 a.m.42 views

Wordpress Plugin plg_novana Sql Injection Vulnerability

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability. Exploit Title : Wordpress plgnovana plugin Sql Injection Exploit Author : Ashiyane Digital Security Team Discovered By : sil3nt Home : www.ashiyane.org Security Risk : High - SQL Injection Dork :...

8.1AI score
Exploits0
0day.today
0day.today
added 2011/01/18 12:0 a.m.25 views

Joomla Component com_allcinevid 1.0.0 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name allCineVid Vendor http://www.joomtraders.com Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/18 12:0 a.m.33 views

Joomla! Component allCineVid 1.0.0 - Blind SQL Injection

http://adv.salvatorefresta.net/allCineVidJoomlaComponent1.0.0BlindSQLInjectionVulnerability-18012011.txt allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name allCineVid Vendor http://www.joomtraders.com Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website...

7.4AI score
Exploits0
Rows per page
Query Builder