328 matches found

Patchstack
added 2017/07/25 12:0 a.m. · 23 views

WordPress Ads Pro plugin <= 3.4 - Cross-Site Scripting / SQL Injection

The bsaproid $GET parameter is vulnerable to SQL injection. Payload example: bsaprostats=1&[email protected]&bsaproid=xx AND 1707=1707. The payload works when the ad is displayed. Solution: Update the plugin to the latest version...

2.6 AI score
Exploits: 0 · References: 1 · Affected Software: 1
Patchstack
added 2015/05/15 12:0 a.m. · 12 views

WordPress FB Survey Pro Plugin - Cross Site Scripting

This plugin is prone to a cross-site scripting vulnerability. Solution: Update the plugin...

1.9 AI score
Exploits: 0 · References: 1 · Affected Software: 1
Patchstack
added 2015/05/15 12:0 a.m. · 7 views

WordPress FB Survey Pro Plugin - Cross Site Scripting

This plugin is prone to a cross-site scripting vulnerability. Solution: Update the plugin...

1.9 AI score
Exploits: 0 · References: 1 · Affected Software: 1
VulnCheck KEV
added 2014/12/15 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2014-9735

The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for WordPress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and execute arbitrary files via an...

7.5 CVSS · 6 AI score · 0.75256 EPSS
Exploits: 2 · References: 1
Patchstack
added 2014/11/13 12:0 a.m. · 24 views

WordPress Paid Memberships Pro Plugin 1.7.14 - Directory Traversal

This vulnerability is in services/getfile.php. It allows attackers to read arbitrary files via the QUERYSTRING in a getfile action to wp-admin/admin-ajax.php. Solution: Update the plugin...

5 CVSS · 4.8 AI score · 0.18558 EPSS
Exploits: 5 · References: 1 · Affected Software: 1
CVE
added 2014/05/13 2:0 p.m. · 51 views

CVE-2013-1407

The CVE-2013-1407 vulnerabilities affect the WordPress plugin Events Manager and the Events Manager Pro plugin, with multiple input vectors (scope, _wpnonce, user_name, dbem_phone, user_email, booking_comment) leading to XSS. Root cause: insufficient input validation/filtration in the index.php ...

4.3 CVSS · 5.8 AI score · 0.02058 EPSS
Exploits: 3 · References: 3 · Affected Software: 1
Kitploit
added 2013/12/20 6:7 p.m. · 17 views

[CrowdRE] Reverse Engineering Tool

A new project called CrowdRE aims to make it easier to reverse engineer complex applications in collaboration with other users. Normally, reversing software from a complicated binary can consume much time; CrowdRE will help accelerate this process through teamwork...

7.3 AI score
Exploits: 0
Positive Technologies
added 2011/07/27 12:0 a.m. · 3 views

PT-2011-3363 · Gnu +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.11 Description: The issue is related to a heap-based buffer overflow in the read channel data function in the Paint Shop Pro PSP plugin. This can be triggered by a PSP COMP RLE aka RLE compression image file that begins a lon...

7.5 CVSS · 8 AI score · 0.03425 EPSS
Exploits: 0 · References: 7