8226 matches found
WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload
WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload Description : Wordpress Plugins - Asset Manager Shell Upload Vulnerability Version : 0.2 Link : http://wordpress.org/extend/plugins/asset-manager/ Plugins : http://downloads.wordpress.org/plugin/asset-manager.0.2.zip Date : 26-05-2012...
WordPress Comment Extra Fields Shell Upload
Description : Wordpress Plugins - Comment Extra Fields Shell Upload Vulnerability Version : 1.7 Link : http://wordpress.org/extend/plugins/comment-extra-field/ Plugins : http://downloads.wordpress.org/plugin/comment-extra-field.1.7.zip Date : 30-05-2012 Google Dork :...
Wordpress Plugins - Nmedia WordPress Member Conversation Shell Upload
Exploit for php platform in category web applications Description : Wordpress Plugins - Nmedia WordPress Member Conversation Shell Upload Vulnerability Version : 1.35.0 Link : http://wordpress.org/extend/plugins/wordpress-member-private-conversation/ Plugins :...
Wordpress Plugins - Comment Extra Fields Shell Upload Vulnerability
Exploit for php platform in category web applications Description : Wordpress Plugins - Comment Extra Fields Shell Upload Vulnerability Version : 1.7 Link : http://wordpress.org/extend/plugins/comment-extra-field/ Plugins : http://downloads.wordpress.org/plugin/comment-extra-field.1.7.zip Date :...
WordPress Google Maps Via Store Locator Plus Email Spool / SQL Injection
Description : Wordpress Plugins - Google Maps via Store Locator Plus Multiple Vulnerability Version : 2.7.1 - 3.0.1 Link : http://wordpress.org/extend/plugins/store-locator-le/ Plugins : http://downloads.wordpress.org/plugin/store-locator-le.3.0.1.zip Date : 26-05-2012 Google Dork :...
F2blog Shell Upload
Name: f2blog Remote File Uploader RFU Sh3ll Google Dork: inurl:/plugins/expose4/uploadimg.php Type: PhP Author: MR.XpR Tested On: Linux Backtrack 1.Upload shell ----- Sh3ll.php.jpg 2.load shell ------- http://patch/components/comexpose/expose/img/shell.php.jpg Expamle :...
Atlassian JIRA < 5.0.1 XML Parsing DoS
According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to 5.0.1. It is, therefore, potentially affected by an XML parsing flaw due to improper restrictions on the capabilities of third-party parsers. A remote, authenticated attacker c...
Debian Security Advisory DSA 2670-1 (wordpress)
The remote host is missing an update to wordpress announced via advisory DSA 2670-1. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
[SECURITY] Fedora 17 Update: ikiwiki-3.20120516-1.fc17
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...
[SECURITY] Fedora 16 Update: ikiwiki-3.20111106-2.fc16
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...
[SECURITY] Fedora 15 Update: ikiwiki-3.20111106-2.fc15
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...
Debian DSA-2470-1 : wordpress - several vulnerabilities
Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches...
DSA-2470-1 wordpress - several
Bulletin has no description...
Nine Percent of Websites May be Malicious
Just fewer than 10 percent of websites serve some sort of malicious purpose, with an additional nine percent of sites being characterized as “suspicious” by Zscaler in a new research report. Zscaler ran 27,000 website URLs through a tool they developed to assess the security of websites and give...
Gentoo Security Advisory GLSA 201203-14 (audacious-plugins)
The remote host is missing updates announced in advisory GLSA 201203-14. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Gentoo Security Advisory GLSA 201203-14 (audacious-plugins)
The remote host is missing updates announced in advisory GLSA 201203-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD : wordpress -- multiple vulnerabilities (b384cc5b-8d56-11e1-8d7b-003067b2972c)
Wordpress reports : External code has been updated to non-vulnerable versions. In addition the following bugs have been fixed : - Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances. -...
DEBIAN-CVE-2012-2402
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors...
CVE-2012-2402
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors...
Design/Logic Flaw
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors...