282 matches found
MF Piadas 1.0 Admin.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18679/info MF Piadas is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious P...
CVE-2014-2658
Unspecified vulnerability in Papercut MF and NG before 14.1 Build 26983 allows attacker to cause a denial of service via unknown vectors...
CVE-2014-2657
Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 Build 26983 has unknown impact and remote vectors, related to embedded MFPs...
Code injection
Unspecified vulnerability in Papercut MF and NG before 14.1 Build 26983 allows attacker to cause a denial of service via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 Build 26983 has unknown impact and remote vectors, related to embedded MFPs...
CVE-2014-2657
Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 Build 26983 has unknown impact and remote vectors, related to embedded MFPs...
CVE-2014-2657
CVE-2014-2657 affects PaperCut MF prior to version 14.1 (Build 26983) where the vulnerability lies in the print release functionality, with the impact and attack vectors described as unknown and remotely exploitable in embedded MFPs. The NVD entry notes a base score of 7.5 (HIGH) with NETWORK att...
CVE-2014-2658
CVE-2014-2658 affects PaperCut MF & NG prior to version 14.1 (Build 26983). The vulnerability allows an attacker to cause a denial-of-service condition via unknown vectors; impact is increased availability risk (DoS). Affected versions include PaperCut MF & NG 14.1 build 26830 and earlier. Remedi...
CVE-2014-2658
Unspecified vulnerability in Papercut MF and NG before 14.1 Build 26983 allows attacker to cause a denial of service via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the admin UI in Papercut MF and NG before 14.1 Build 26983 allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2014-2659
CVE-2014-2659 is a CSRF vulnerability in the admin UI of PaperCut MF & NG (affecting versions up to 14.1 build 26983; KLA10291 notes 14.1 build 26830 and earlier). The issue allows remote attackers to hijack administrator sessions via unspecified vectors. No exploit specifics are provided in the ...
CVE-2012-4242
Cross-site scripting XSS vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page...
Cross site scripting
Cross-site scripting XSS vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page...
CVE-2012-4242
Cross-site scripting XSS vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page...
PT-2012-5271 · Mf · Mf Gig Calendar Plugin
Name of the Vulnerable Software and Affected Versions: MF Gig Calendar plugin version 0.9.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page, which is a cross-site scripting XSS vulnerability. This enables attackers to...
WordPress MF Gig Calendar Plugin - Cross Site Scripting
WordPress MF Gig Calendar plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...
WordPress MF Gig Calendar 0.9.2 Cross Site Scripting
Exploit for php platform in category web applications /---------------------------------------------------------\ | MF Gig Calendar Wordpress Plugin - Cross-Site Scripting | ---------------------------------------------------------/ Summary ======= MF Gig Calendar 0.9.2 is subject to a cross-site...
WordPress MF Gig Calendar 0.9.2 Cross Site Scripting
/---------------------------------------------------------\ | MF Gig Calendar Wordpress Plugin - Cross-Site Scripting | ---------------------------------------------------------/ Summary ======= MF Gig Calendar 0.9.2 is subject to a cross-site scripting vulnerability. The value of a generic...
WordPress Plugin MF Gig Calendar - Cross-Site Scripting
source: https://www.securityfocus.com/bid/55622/info The MF Gig Calendar plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
CVE-2006-3323
MF Piadas 1.0 is affected by a PHP remote file inclusion in admin/admin.php, exploitable via the page parameter to execute arbitrary code. The underlying issue is a file inclusion vulnerability (HTML/script vector noted as related by CVE analysis). Connected advisories also reference cross-site s...