Lucene search
+L

47 matches found

CNNVD
CNNVD
added 2022/06/20 12:0 a.m.6 views

WordPress plugin Multi-page Toolkit 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Multi-page Toolkit plugin 2.6 and earlier versions are vulnerable to cross-site request forgery,...

5.4CVSS5.4AI score0.00292EPSS
Exploits2References2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.128 views

Multi-page Toolkit <= 2.6 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well ' input typ...

5.4CVSS0.3AI score0.00292EPSS
Exploits2
OSV
OSV
added 2022/05/14 3:15 a.m.9 views

GHSA-CVVX-R33M-V7PQ Improper Input Validation in Apache Struts

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

7.5CVSS7.2AI score0.21261EPSS
Exploits0References8
CNVD
CNVD
added 2018/09/06 12:0 a.m.3 views

XSS Vulnerability in ThinkLC Multiple Pages

ThinkLC is a classified information system developed by SaxueCMS. ThinkLC V4.0 and previous versions of multi-page XSS vulnerability, the vulnerability stems from the system fails to adequately filter img tags, an attacker can construct malicious img tags to exploit the vulnerability to obtain...

6.2AI score
Exploits0
Fedora
Fedora
added 2017/07/15 7:56 p.m.34 views

[SECURITY] Fedora 25 Update: evince-3.22.1-5.fc25

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

7.8CVSS7.7AI score0.50826EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2016/04/01 12:0 a.m.36 views

Debian DSA-3536-1 : libstruts1.2-java - security update

It was discovered that libstruts1.2-java, a Java framework for MVC applications, contains a bug in its multi-page validation code. This allows input validation to be bypassed, even if MPV is not used directly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

7.5CVSS7.3AI score0.21261EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/03/31 12:0 a.m.29 views

Debian Security Advisory DSA 3536-1 (libstruts1.2-java - security update)

It was discovered that libstruts1.2-java, a Java framework for MVC applications, contains a bug in its multi-page validation code. This allows input validation to be bypassed, even if MPV is not used directly. OpenVAS Vulnerability Test $Id: deb3536.nasl 6608 2017-07-07 12:05:05Z cfischer $...

5CVSS0.4AI score0.21261EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

MPCS <= 1.0 (path) Remote File Include Vulnerabilities

No description provided by source. ================================================================== Multi-Page Comment System RFI ================================================================== Info:- Scripts: Multi-Page Comment System MPCS Home: http://tpvgames.co.uk/web/mpcs/ Download:...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/11/06 12:0 a.m.40 views

Multi-Page Comment System CSRF/XSS Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/06/05 12:0 a.m.33 views

EZEIP3. 0 multi-page upload validation vulnerability-vulnerability warning-the black bar safety net

Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page: http://www.XXX.com/...

0.3AI score
Exploits0
myhack58
myhack58
added 2012/03/30 12:0 a.m.25 views

EZEIP3. 0 multi-page upload validation vulnerability and fix-vulnerability warning-the black bar safety net

Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page:...

0.5AI score
Exploits0
Prion
Prion
added 2011/01/14 5:0 p.m.15 views

Code injection

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a multi-page document...

9.3CVSS7.7AI score0.0219EPSS
Exploits1References8Affected Software2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.14 views

MDVA-2008:101 : evince

Evince was not properly handling multi-page TIFF files and was crashing under specific conditions when requesting printing. This package update fixes those issues and includes additional translations from the GNOME 2.22.2 release. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated a...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.6 views

Mandriva Update for evince MDVA-2008:101 (evince)

Check for the Version of evince OpenVAS Vulnerability Test Mandriva Update for evince MDVA-2008:101 evince Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

0.3AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.11 views

Mandriva Update for evince MDVA-2008:101 (evince)

Check for the Version of evince OpenVAS Vulnerability Test Mandriva Update for evince MDVA-2008:101 evince Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

0.3AI score
Exploits0References2
Prion
Prion
added 2008/05/18 2:20 p.m.14 views

Authentication flaw

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

7.5CVSS7.7AI score0.02744EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/05/18 2:20 p.m.15 views

CVE-2008-2293

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

7.5CVSS7.1AI score0.02744EPSS
Exploits1References4
CVE
CVE
added 2008/05/18 2:0 p.m.32 views

CVE-2008-2293

The CVE-2008-2293 issue affects Multi-Page Comment System (MPCS) 1.0 and 1.1, where remote attackers can bypass authentication and escalate privileges by setting the CommentSystemAdmin cookie to 1. The available sources describe an authentication bypass via a cookie manipulation, marking it as a ...

7.5CVSS7.2AI score0.02744EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.19 views

CVE-2008-2293

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

7.1AI score0.02744EPSS
Exploits1References4
exploitpack
exploitpack
added 2008/05/15 12:0 a.m.18 views

Multi-Page Comment System 1.1.0 - Insecure Cookie Handling

Multi-Page Comment System 1.1.0 - Insecure Cookie Handling --==+================================================================================+==-- --==+ Multi-Page Comment System 1.1.0 Insecure Cookie Handling +==--...

0.1AI score
Exploits0
Rows per page
Query Builder