8 matches found
EUVD-2009-2118
Malware in sbrugna...
WordPress Photoracer Plugin 'id' Parameter SQL Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; if(description)...
WordPress Photoracer Plugin <= 1.0 Multiple Vulnerabilities
No description provided by source. WordPress Photoracer Plugin <= 1.0 Multiple XSS & SQLI Vulnerabilities. Tested on: WordPress 3.2 Hebrew, Photoracer 1.0. Vulnerabilities: XSS, SQL Injection. Bug discovered by Pr0T3cT10n. Date: 26/08/2011. Software Link:...
WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities
WordPress Photoracer Plugin. Date: 26/08/2011. Software Link: http://wordpress.org/extend/plugins/photoracer/ ISRAEL. Author will not be responsible for any damage. Vulnerable Code - mostvoted.php 15-22: 15. if (isset($_REQUEST['pid']) || isset($_REQUEST['prid'])) 16. $postid = $_REQUEST['pid'] ? $_REQUEST['pid'] :...
CVE-2009-2122
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2122
CVE-2009-2122 affects the WordPress Photoracer plugin 1.0, with a SQL injection in viewimg.php via the id parameter that allows remote execution of arbitrary SQL commands. Impact is partial confidentiality/integrity/availability per the CVSS. Public references show exploitation (e.g., Exploit-DB)...
CVE-2009-2122
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability
SQL injection vulnerability found in viewimg.php line 16. It allows the attacker to execute arbitrary commands via the 'imgid' parameter against the database. Solution: Update plugin...