11 matches found
CVE-2016-10998
The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS...
EUVD-2015-0826
Malware in sbrugna...
WordPress Ocim MP3 Plugin - Cross Site Scripting
This WordPress plugin is prone to a cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary script or HTML. Solution Update the plugin...
Ocim MP3 Plugin - Unauthenticated Reflected Cross-Site Scripting (XSS)
Credits to : Soufiane Boussali PoC http://www.example.com/wp-content/plugins/ocim-mp3/source/pages.php?id=XSSPayload...
Ocim MP3 Plugin - Unauthenticated Reflected Cross-Site Scripting (XSS)
Credits to : Soufiane Boussali http://www.example.com/wp-content/plugins/ocim-mp3/source/pages.php?id=XSSPayload...
WordPress Ocim MP3 Plugin - SQL Injection
Exploit for php platform in category web applications ======== Ocim MP3 Plugin SQL Injection Vulnerability ======== :----------------------------------------------------------------------------------------------------: : Exploit Title : Ocim MP3 Plugin SQL Injection Vulnerability : Date : 26...
thunderbird: multiple issues
CVE-2015-0801 same-origin bypass: Mozilla developer Olli Pettay reported that while investigating Mozilla Foundation Security Advisory 2015-28, he and Mozilla developer Boris Zbarsky found an alternate way to trigger a similar vulnerability. The previously reported flaw used an issue with SVG...
CVE-2015-0813
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service heap...
Design/Logic Flaw
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service heap...
CVE-2015-0813
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service heap...
UBUNTU-CVE-2015-0813
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service heap...