39 matches found
EUVD-2015-2323
Malware in sbrugna...
EUVD-2014-1047
Malware in sbrugna...
EUVD-2015-9081
Malware in sbrugna...
WordPress Photocrati NextGEN Gallery Plugin File Upload Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, that supports personal blog sites set up on PHP and MySQL servers. The Photocrati NextGEN Gallery plugin is one of its image management plugins. A security vulnerability exists in the...
Information disclosure
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter...
CVE-2015-9229
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter...
CVE-2015-9229
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter...
CVE-2015-9229
CVE-2015-9229 affects the WordPress Photocrati NextGEN Gallery plugin (version 2.1.15) in the nggallery-manage-gallery page. The vulnerability is a cross-site scripting (XSS) issue exploitable by remote authenticated administrators via the images[1][alttext] parameter, as described in the CVE det...
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...
Unrestricted file upload
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...
CVE-2015-9228
CVE-2015-9228 affects WordPress Photocrati NextGEN Gallery plugin, version 2.1.10. The vulnerability allows unrestricted file upload via the name parameter when a file extension is changed from .jpg to .php, enabling potentially arbitrary PHP uploads. The NVD entry notes high-impact risk (Confide...
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...
Wordpress Photocrati theme-ecomm-sizes.php file prod_id parameter - cross-site scripting vulnerability
No description provided by source...
WordPress Theme Photocrati SQL Injection (CVE-2015-2216)
An SQL injection has been reported in WordPress Theme Photocrati. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS Vulnerabilities
Exploit for php platform in category web applications Exploit Title: wordpress theme photocrati 4.X.X SQL INJECTION Google Dork: Designed by Photocrati also powered by Photocrati Date: 23 / 09 / 2011 Exploit Author: ayastar Email : email protected Software Link: http://www.photocrati.com Version:...
WordPress Photocrati Theme SQL Injection Vulnerability
WordPress is a suite of blogging platforms from the WordPress Software Foundation, developed in PHP, which supports personal blog sites on servers running PHP and MySQL. Photocrati is one of the photography themes. A SQL injection vulnerability exists in the ecomm-sizes.php script in...
CVE-2015-2216
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter...
SQL injection
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter...
CVE-2015-2216
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter...
CVE-2015-2216
The CVE-2015-2216 issue affects the Photocrati WordPress theme (version 4.x). A SQL injection in ecomm-sizes.php can be exploited via the prod_id parameter to execute arbitrary SQL commands. Public exploits exist for this vulnerability per Kaspersky’s advisories. Remediation: upgrade the Photocra...