CVE-2014-4568

Cross-site scripting XSS vulnerability in posts/videowhisper/rlogout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in posts/videowhisper/rlogout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2014-4568

Cross-site scripting XSS vulnerability in posts/videowhisper/rlogout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2014-4568

The CVE-2014-4568 entry refers to a Cross-Site Scripting (XSS) vulnerability in the Video Posts Webcam Recorder WordPress plugin. Affected is version 1.55.4 and earlier, with the issue located in posts/videowhisper/r_logout.php where the message parameter can be exploited to inject arbitrary web ...

WordPress 2.3.1 Unauthorized Post Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26885/info WordPress is prone to a vulnerability that lets unauthorized users read draft posts before they have been published. This issue affects WordPress 2.3.1; other versions may also be affected. NOTE: This BID is...

glfusion cms 1.2.1 - Stored XSS via img tag

No description provided by source. Exploit Title: glfusion CMS 1.2.1 stored XSS via img tag Date: 14-1-2010 Author: Saif El-Sherei Software Link: www.glfusion.org/filemgmt/viewcat.php?cid=1http://php.opensourcecms.com/scripts/redirect/download.php?id=33 Version: 1.2.1 Tested on: Firefox 3.0.15...

Web Wiz Forums 9.68 SQLi Vulnerability

No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...

phpBB User Viewed Posts Tracker <= 1.0 File Include Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability...

NPDS 4.8 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user view...

XGB Guestbook 1.2 User-Embedded Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4513/info xGB is guestbook software. It is written in PHP and will run on most Unix and Linux variants as well as Microsoft Windows operating systems. xGB allows users to post images in guestbook entries by using special...

GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities

No description provided by source. Title: ====== GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities Date: ===== 2012-04-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=538 VL-ID: ===== 538 Introduction: ============= GENU is a Content Management System written...

WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Allow PHP in Posts and Pages plugin = 2.0.0.RC1 SQL Injection Vulnerability Date: 2011-08-18 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link:...

Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution Exploit

Exploit for php platform in category web applications | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components...

Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

Exploit for php platform in category web applications Details ================ Software: Simple Share Buttons Adder Version: 4.4 Homepage: https://wordpress.org/plugins/simple-share-buttons-adder/ Advisory report:...

Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - &#039;WebShot&#039; Remote Code Execution

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components Exploit Author : @u0x Pichaya Morimoto Release dates :...

WordPress Video Posts Webcam Recorder Plugin <= 1.55.4 - XSS

Because of this vulnerability in posts/videowhisper/rlogout.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

CVE-2014-3937

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-2710

Cross-site request forgery CSRF vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via unspecified vectors...

CVE-2013-3476

Cross-site request forgery CSRF vulnerability in the WordPress Related Posts plugin before 2.6.2 for WordPress allows remote attackers to hijack the authentication of users for requests that change settings via unspecified vectors...

CVE-2013-3257

Cross-site request forgery CSRF vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors...