49 matches found
DEBIAN-CVE-2017-14721
Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name...
CVE-2017-14721
Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name...
CVE-2017-14721
Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name...
UBUNTU-CVE-2017-5488
Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...
Atrax Botnet Shell Upload Vulnerability
Exploit for php platform in category web applications import random import string import base64 import urllib import urllib2 payload = '' url = 'http://localhost/atrax/' BOTMODEINSERT = 'b' BOT MODE BOTMODERUNPLUGIN = 'e' GETPARAMMODE = 'a' GET PARAM POSTPARAMGUID = 'h' POST PARAM POSTPARAMIP = '...
WordPress Like Dislike Counter 1.2.3 SQL Injection
Title : Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability Risk : High+/Critical Exploit Author : XroGuE Google Dork : inurl:plugins/like-dislike-counter-for-posts-pages-and-comments/ajaxcounter.php AND plugins/pro-like-dislike-counter/ldc-ajax-counter.php Plugin Version : 1.2.3...
DLA-20-1 munin - security update
Bulletin has no description...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 a plugin name, related to managepluginuninstall.php; 2 an enumeration value or 3 a String value of a custom field, related to...
CVE-2010-3303
Multiple cross-site scripting XSS vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 a plugin name, related to managepluginuninstall.php; 2 an enumeration value or 3 a String value of a custom field, related to...