5776 matches found
CVE-2013-2640
CVE-2013-2640 concerns the WordPress MailUp plugin. The affected component is ajax.functions.php, which has a vulnerability in access control for unspecified Ajax functions, enabling remote attackers to modify plugin settings and trigger cross-site scripting via formData=save-like requests. The advisory...
Design/Logic Flaw
The Organizer plugin 1.2.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors to (1) pluginhook.php, (2) page/index.php, (3) page/dir.php, (4) page/options.php, (5) page/resize.php, (6) page/upload.php, (7) page/users.php, or (8) page/view.php...
Wordpress wp-photo-album plugin Full Path Disclosure vulnerability
Exploit for php platform in category web applications...
CVE-2013-0721
wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message...
nspluginwrapper: NPNVprivateModeBool variable not forwarded
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash...
Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution (Metasploit)
Author: Ben 'highjack' Sheppard. Title: Jira Scriptrunner 2.0.7. This jira plugin does not use the built in jira protections websudo or csrf tokens to protect the page from CSRF. This page is supposed to be used by admins to automate tasks, it will accept java code and by...
WordPress Cardoza Ajax Search 1.1 SQL Injection
Exploit Title: SQL INJECTION AJAX Post Search --- wordpress plugin --- Author: Marcela Benetrix home: www.girlinthemiddle.net Date: 10/12/12 version: 1.1 software link: http://wordpress.org/extend/plugins/cardoza-ajax-search/ AJAX Post Search wordpress plugin description This plugin will allow your...
PT-2012-5271 · Mf · Mf Gig Calendar Plugin
Name of the Vulnerable Software and Affected Versions: MF Gig Calendar plugin version 0.9.2. Description: The issue allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page, which is a cross-site scripting (XSS) vulnerability. This enables attackers to...
CVE-2012-3423
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet...
Movable Type plugin MT4i vulnerable to cross-site scripting
Overview: MT4i contains a cross-site scripting vulnerability. MT4i is a Movable Type plugin. Note that this vulnerability is different from JVN79111101. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...
CVE-2011-4328
plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information...
CVE-2011-4328
Removed by vendor...
Wordpress Plugins - Flip slideshow Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications...
WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload
WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload Exploit Title: Wordpress front-end-upload 0.5.3 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/front-end-upload/ Date: 31/05/2012 Exploit Author: Adrien Thierry Vendor Homepage:...
CVE-2012-1786
The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors...
WordPress SB Uploader Shell Upload
Title: Wordpress SB Uploader Plugin Shell Upload Vulnerability Author: JingoBD Category: webapps Team: Bangladesh Cyber Army Greetz: Bedu33n,N!1L,Rex0Man & All Member of BCA. http://facebook.com/life.is.code Plugin URI:...
WordPress Plugin Forum 1.7.8 - SQL Injection
Exploit Title: WordPress WP Forum plugin getrow"SELECT text, authorid, date FROM $tableposts WHERE id = $id"; $u = new WPuser$text-authorid; echo htmlentities"QUOTE $u-nickname @ ".dategetoption'forumdateformat', strtotime$text-date."\n $text-text";...
WordPress Plugin WPtouch 1.9.27 - URL redirection
WordPress Plugin WPtouch 1.9.27 - URL redirection Hello, that's a 0day on the most downloaded WordPress plugin. Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special Pwet t...
Gimp: Stack-based buffer overflow in SphereDesigner plug-in
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a...
spice-xpi: uninitialized pointer writes possible when getting plugin properties
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) plugin/nsScriptablePeer.cpp and (2) plugin/plugin.cpp, which trigger multiple uses of an uninitializ...