
1414 matches found

exploitpack
added 2015/05/04 12:0 a.m., 24 views

WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting Cross-Site Request Forgery Arbitrary File Upload Vulnerabilities

Exploit Title: Multiple Persistent XSS & CSRF & File Upload on Ultimate Product Catalogue 3.1.2 Google Dork: inurl:"SingleProduct"...

7.1 AI score
Exploits: 0
WPVulnDB
added 2015/05/04 12:0 a.m., 8 views

Ultimate Product Catalogue <= 3.1.4 - Multiple Vulnerabilities

The Product Name, Description and File Upload forms of the Ultimate Product Catalog plugin lack proper CSRF protection and proper filtering, allowing an attacker to alter a product presented to a customer or the WordPress administrators and insert XSS in his product name and description. It al...

2.5 AI score
Exploits: 0, References: 3, Affected Software: 1
Exploit DB
added 2015/05/04 12:0 a.m., 45 views

WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities

Exploit Title: Multiple Persistent XSS & CSRF & File Upload on Ultimate Product Catalogue 3.1.2 Google Dork: inurl:"SingleProduct" intext:"Back to catalogue" intext:"Category", inurl:"/wp-content/plugins/ultimate-product-catalogue/product-sheets/" Date: 22/04/2015 Exploit Author: Felipe Molina de...

7.4 AI score
Exploits: 0
Fedora
added 2015/04/29 1:7 p.m., 36 views

[SECURITY] Fedora 22 Update: yourls-1.7-3.20150410gitabc7d6c.fc22

YOURLS is a small set of PHP scripts that will allow you to run your own URL shortening service a la TinyURL. You can make it private or public, you can pick custom keyword URLs, it comes with its own API...

4.3 CVSS, 6.4 AI score, 0.01862 EPSS
Exploits: 1
Vulnerability Lab
added 2014/12/24 12:0 a.m., 29 views

Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities

Document Title: Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1386 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2239 CVE-ID: CVE-2014-2239 Release Date:...

6.5 AI score
Exploits: 6
Packet Storm
added 2014/12/24 12:0 a.m., 30 views

CMS Contenido 4.9.5 Cross Site Scripting

Advisory: Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 Advisory ID: SROEADV-2014-03 Author: Steffen Rösemann Affected Software: CMS Contenido 4.9.x-4.9.5 Release: 10th Dec 2014 Vendor URL: http://www.contenido.org/de/ Vendor Status: fixed CVE-ID: -...

Exploits: 0
Tenable Nessus
added 2014/12/19 12:0 a.m., 29 views

Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016)

According to its self-reported version number, the remote web server is hosting a version of Symantec Web Gateway prior to version 5.2.2. It is, therefore, affected by an operating system (OS) command injection vulnerability in an unspecified PHP script which impacts the management console. A remote...

6.5 CVSS, 8.4 AI score, 0.50324 EPSS
Exploits: 6, References: 3
OpenVAS
added 2014/12/18 12:0 a.m., 33 views

Symantec Web Gateway < 5.2.2 Command Injection Vulnerability

Symantec Web Gateway is prone to a command injection vulnerability...

6.5 CVSS, 8.7 AI score, 0.50324 EPSS
Exploits: 6, References: 2
Symantec
added 2014/12/16 8:0 a.m., 26 views

Symantec Web Gateway OS Authenticated Command Injection

SUMMARY Symantec's Web Gateway SWG Appliance management console is susceptible to operating system command injection by an authenticated but less-privileged user. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway Appliance | 5.2.1 and prior | Symantec Web Gateway 5.2...

6.5 CVSS, 0.4 AI score, 0.50324 EPSS
Exploits: 6, Affected Software: 1
Tenable Nessus
added 2014/12/05 12:0 a.m., 70 views

LogAnalyzer < 3.6.6 index.php / detail.php 'hostname' Parameter XSS

The LogAnalyzer install hosted on the remote web server is affected by a cross-site scripting vulnerability due to a failure to properly sanitize the 'hostname' value retrieved from log files. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's browser to be...

4.3 CVSS, 5.6 AI score, 0.03582 EPSS
Exploits: 6, References: 2
seebug.org
added 2014/11/13 12:0 a.m., 28 views

Creative Contact Form - Arbitrary File Upload

No description provided by source. "Creative Contact Form - The Best WordPress Contact Form Builder" - Arbitrary File Upload Author: Gianni Angelozzi Date: 08/10/2014 Remote: Yes Vendor Homepage:...

6.5 AI score
Exploits: 4
Check Point Advisories
added 2014/11/12 12:0 a.m., 0 views

Mayhem Shellshock Infection Attempt

Mayhem uses a PHP script to drop malicious objects to the affected client...

1.4 AI score
Exploits: 0
Debian
added 2014/11/04 4:8 p.m., 46 views

[SECURITY] [DSA 3064-1] php5 security update

Debian Security Advisory DSA-3064-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 04, 2014 http://www.debian.org/security/faq -...

7.5 CVSS, 1.1 AI score, 0.28862 EPSS
Exploits: 3
Exploit DB
added 2014/10/08 12:0 a.m., 45 views

WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload

"Creative Contact Form - The Best WordPress Contact Form Builder" - Arbitrary File Upload Author: Gianni Angelozzi Date: 08/10/2014 Remote: Yes Vendor Homepage: https://profiles.wordpress.org/creative-solutions-1/ Software Link:...

6.9 AI score
Exploits: 4
exploitpack
added 2014/10/08 12:0 a.m., 30 views

WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload

"Creative Contact Form - The Best WordPress Contact Form Builder" - Arbitrary File Upload Author: Gianni Angelozzi Date: 08/10/2014 Remote: Yes Vendor Homepage:...

0.2 AI score
Exploits: 4
Tenable Nessus
added 2014/07/28 12:0 a.m., 164 views

TimThumb 'timthumb.php' WebShot 'src' Parameter Remote Command Execution

The TimThumb 'timthumb.php' script installed on the remote host is affected by a remote command execution vulnerability due to a failure to properly sanitize user-supplied input to the 'src' parameter. A remote, unauthenticated attacker can leverage this issue to execute arbitrary commands on the...

6.8 CVSS, 6 AI score, 0.0975 EPSS
Exploits: 1, References: 3
The Hacker News
added 2014/07/24 10:52 p.m., 17 views

Mayhem — A New Malware Targets Linux and FreeBSD Web Servers

Security researchers from Russian Internet giant Yandex have discovered a new piece of malware that is being used to target Linux and FreeBSD web servers in order to make them a part of the wide botnet, even without the need of any root privileges. Researchers dubbed the malware as Mayhem, a nast...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 37 views

OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability

No description provided by source. OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 24 views

AutoIndex PHP Script 2.2.1 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25448/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 10 views

PANews 2.0 - Remote PHP Script Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php...

7.1 AI score
Exploits: 0