8 matches found
EUVD-2009-2118
Malware in sbrugna...
WordPress Photoracer Plugin 'id' Parameter SQL Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; if(description)...
WordPress Photoracer Plugin <= 1.0 Multiple Vulnerabilities
No description provided by source. WordPress Photoracer Plugin <= 1.0 Multiple XSS & SQLI Vulnerabilities. Tested on: Wordpress 3.2 Hebrew, Photoracer 1.0. Vulnerabilities: XSS, SQL Injection. Bug discovered by Pr0T3cT10n, [email protected] Date: 26/08/2011 Software Link:...
WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities
WordPress Photoracer Plugin Date: 26/08/2011 Software Link: http://wordpress.org/extend/plugins/photoracer/ ISRAEL Author will not be responsible for any damage. Vulnerable Code - mostvoted.php 15-22: 15. if (isset($_REQUEST['pid']) || isset($_REQUEST['prid'])) 16. $postid = $_REQUEST['pid'] ? $_REQUEST['pid'] :...
CVE-2009-2122
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2122
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2122
CVE-2009-2122 affects the WordPress Photoracer plugin 1.0, with a SQL injection in viewimg.php via the id parameter that allows remote execution of arbitrary SQL commands. Impact is partial confidentiality/integrity/availability per the CVSS. Public references show exploitation (e.g., Exploit-DB)...
WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability
SQL injection vulnerability found in viewimg.php line 16. It allows the attacker to execute arbitrary commands via the 'imgid' parameter against the database. Solution Update plugin...