
3476 matches found

OSV
added 2012/09/14 7:55 p.m. | 4 views

DEBIAN-CVE-2012-4422

wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveragi...

CVSS 3.5 | AI score 6.7 | EPSS 0.01675
Exploits: 1 | References: 1
CVE
added 2012/09/14 7:00 p.m. | 62 views

CVE-2012-4422

CVE-2012-4422 affects WordPress prior to 3.4.2 with multisite enabled. The vulnerability arises when network-wide activation of plugins is performed without verifying network-administrator privileges, potentially allowing remote authenticated users to make unintended plugin changes by abusing the...

CVSS 3.5 | AI score 6.1 | EPSS 0.01675
Exploits: 1 | References: 3 | Affected Software: 1
Debian CVE
added 2012/09/14 7:00 p.m. | 20 views

CVE-2012-4422

wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveragi...

CVSS 3.5 | AI score 4.9 | EPSS 0.01675
Exploits: 1
Tenable Nessus
added 2012/09/12 12:00 a.m. | 33 views

WordPress < 3.4.2 Multiple Vulnerabilities

According to its version number, the WordPress install hosted on the remote web server is affected by multiple vulnerabilities:
- The application is affected by an unspecified bug that affects multisite installs with untrusted users.
- The application is affected by an unspecified vulnerability...

CVSS 4 | AI score 5.5 | EPSS 0.01902
Exploits: 2 | References: 4
Tenable Nessus
added 2012/09/10 12:00 a.m. | 9 views

FreeBSD : wordpress -- multiple unspecified privilege escalation bugs (30149157-f926-11e1-95cd-001fd0af1a4c)

WordPress reports: Version 3.4.2 also fixes a few security issues and contains some security hardening. The vulnerabilities included potential privilege escalation and a bug that affects multisite installs with untrusted users. These issues were discovered and fixed by the WordPress security tea...

AI score 5.4
Exploits: 0 | References: 2
FreeBSD
added 2012/09/06 12:00 a.m. | 11 views

wordpress -- multiple unspecified privilege escalation bugs

WordPress reports: Version 3.4.2 also fixes a few security issues and contains some security hardening. The vulnerabilities included potential privilege escalation and a bug that affects multisite installs with untrusted users. These issues were discovered and fixed by the WordPress security team...

AI score 2.4
Exploits: 0 | References: 1
OSV
added 2012/07/22 5:55 p.m. | 3 views

DEBIAN-CVE-2012-3383

The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access restrictions and conduct cross-site scripting X...

CVSS 2.6 | AI score 6 | EPSS 0.03103
Exploits: 0 | References: 1
Prion
added 2012/07/22 5:55 p.m. | 18 views

Cross site scripting

The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access restrictions and conduct cross-site scripting X...

CVSS 2.6 | AI score 5.7 | EPSS 0.03103
Exploits: 0 | References: 7 | Affected Software: 1
Debian CVE
added 2012/07/22 5:00 p.m. | 20 views

CVE-2012-3383

The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access restrictions and conduct cross-site scripting X...

CVSS 2.6 | AI score 4 | EPSS 0.03103
Exploits: 0
Drupal
added 2012/03/07 12:00 a.m. | 20 views

SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection

CVE: CVE-2012-1655 UC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the...

CVSS 6.8 | AI score 7.4 | EPSS 0.01271
Exploits: 0 | References: 10
myhack58
added 2011/04/18 12:00 a.m. | 16 views

BigAce 2.7.5 content management system: FCK editor upload vulnerability

BigAce 2.7.5 content management system, FCK editor upload vulnerability. BIGACE is a Web content management system (CMS) developed in PHP and MySQL. The problem is mainly in the FCK editor. Many sites that would otherwise have been quite safe end up in trouble because of these so-called editors. This is a...

AI score 0.5
Exploits: 0
Tenable Nessus
added 2011/02/03 12:00 a.m. | 65 views

WordPress < 3.0.2 Multiple Vulnerabilities

According to its version number, the installation of WordPress hosted on the remote web server is affected by multiple vulnerabilities:
- A SQL injection vulnerability exists in the 'wp-includes/comment.php' script due to improper sanitization of user-supplied input to the 'Send Trackbacks' fiel...

CVSS 6 | AI score 6 | EPSS 0.03139
Exploits: 4 | References: 8
seebug.org
added 2009/05/13 12:00 a.m. | 27 views

BIGACE CMS 2.5 (username) Remote SQL Injection Exploit

No description provided by source.

AI score 7.1
Exploits: 0
NVD
added 2008/12/05 12:30 a.m. | 20 views

CVE-2008-5329

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTL_RMI_REGISTRY_SERVERS line in a jtl.properties file...

CVSS 7.5 | AI score 6.5 | EPSS 0.01594
Exploits: 0 | References: 3
Cvelist
added 2008/12/05 12:00 a.m. | 19 views

CVE-2008-5329

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTL_RMI_REGISTRY_SERVERS line in a jtl.properties file...

AI score 6.5 | EPSS 0.01594
Exploits: 0 | References: 3
CVE
added 2008/12/05 12:00 a.m. | 45 views

CVE-2008-5329

The CVE-2008-5329 issue affects ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1. An attacker could direct a client's submissions and changes to an arbitrary database by configuring multiple comma-separated server identifiers on the JTL_RMI_REGISTRY_SERVERS line in a jtl.properties fi...

CVSS 7.5 | AI score 6.5 | EPSS 0.01594
Exploits: 0 | References: 3 | Affected Software: 1