CVE-2018-6389 WordPress Parameter Resource Consumption Remote DoS

Yesterday Monday, February 5, 2018, a zero-day vulnerability in WordPress core was disclosed, which allows an attacker to perform a denial of service DoS attack against a vulnerable application. The vulnerability exists in the modules used to load JS and CSS files. These modules were designed to...

Directory traversal

Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magicquotesgpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the 1 theme parameter to loadStyles.php and the 2 scripts parameter to javascript/loadScripts.php. NOTE: the...