CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2019/08/28 12:0 a.m.•4 views

WordPress reflex-gallery plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. reflex-gallery is a responsive photo gallery plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.0019EPSS

NVD•added 2019/08/22 2:15 p.m.•14 views

CVE-2013-7482

The reflex-gallery plugin before 1.4.3 for WordPress has XSS...

6.1CVSS6.4AI score0.0019EPSS

Prion•added 2019/08/22 2:15 p.m.•11 views

Cross site scripting

The reflex-gallery plugin before 1.4.3 for WordPress has XSS...

4.3CVSS7.2AI score0.0019EPSS

Cvelist•added 2019/08/22 1:12 p.m.•14 views

CVE-2013-7482

The reflex-gallery plugin before 1.4.3 for WordPress has XSS...

6.4AI score0.0019EPSS

CVE•added 2019/08/22 1:12 p.m.•37 views

CVE-2013-7482

The CVE-2013-7482 entry concerns the Reflex Gallery WordPress plugin, with the affected component being the reflex-gallery plugin for WordPress. Multiple connected sources confirm a cross-site scripting (XSS) vulnerability present in versions prior to 1.4.3. The Red Hat entry and CNVD/CVE records...

6.1CVSS6.4AI score0.0019EPSS

Dsquare•added 2016/12/01 12:0 a.m.•137 views

WordPress ReFlex Gallery 3.1.3 File Upload

File upload in WordPress ReFlex Gallery plugin php.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

1.4AI score

NVD•added 2015/05/28 2:59 p.m.•21 views

CVE-2015-4133

Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/...

7.5CVSS7.7AI score0.752EPSS

Exploits2References7

CVE•added 2015/05/28 2:0 p.m.•61 views

CVE-2015-4133

CVE-2015-4133 concerns the ReFlex Gallery WordPress plugin (affected version: before 3.1.4). The issue is an unrestricted file upload in admin/scripts/FileUploader/php.php, allowing an attacker to upload a PHP file and access it via uploads/ to execute arbitrary code remotely. The root cause is i...

7.5CVSS8AI score0.752EPSS

Exploits2References7Affected Software1

Cvelist•added 2015/05/28 2:0 p.m.•18 views

CVE-2015-4133

7.7AI score0.752EPSS

Exploits2References7

Patchstack•added 2015/05/28 12:0 a.m.•26 views

WordPress ReFlex Gallery Plugin <= 3.1.3 - Unrestricted File Upload

This vulnerability is in admin/scripts/FileUploader/php.php. It allows an attacker to execute arbitrary PHP code by uploading a file with a PHP extension. And then an attacker can access it via a direct request to the file in uploads/ directory. Solution Update the plugin...

7.5CVSS5.1AI score0.752EPSS

Exploits2References1Affected Software1

Patchstack•added 2015/05/15 12:0 a.m.•8 views

WordPress ReFlex Gallery Plugin <= 1.3 - Shell Upload

This plugin is prone to a shell upload vulnerability. Solution Update plugin...

2.1AI score

Patchstack•added 2015/05/15 12:0 a.m.•13 views

WordPress ReFlex Gallery Plugin <= 1.4.2 - Unspecified XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...

2.6AI score

Exploits0Affected Software1

Patchstack•added 2015/05/14 12:0 a.m.•12 views

WordPress Reflex Gallery Plugin <= 3.1.4 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

2.2AI score

seebug.org•added 2015/05/04 12:0 a.m.•27 views

Wordpress Reflex Gallery 3.1.3 /reflex-gallery-php.php 文件上传漏洞

No description provided by source...

7.1AI score

CNVD•added 2015/04/24 12:0 a.m.•1 views

WordPress Reflex Gallery File Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A file upload vulnerability exists in WordPress Reflex Gallery. The vulnerability allows attackers to perform arbitrary file...

8.1AI score

Patchstack•added 2015/04/21 12:0 a.m.•11 views

WordPress Reflex Gallery Plugin - Upload Vulnerability

This vulnerability allows an attacker to upload arbitrary PHP code and execute it. Solution Upgrade the plugin...

3.9AI score

Exploit DB•added 2015/04/21 12:0 a.m.•49 views

WordPress Plugin Reflex Gallery - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Reflex Gallery Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the WordPres...

7AI score

0day.today•added 2015/04/19 12:0 a.m.•42 views

Wordpress Plugin Reflex Gallery arbitrary file upload Exploit

This Metasploit module exploits an arbitrary PHP code upload in the WordPress Reflex Gallery version 3.1.3. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: http://metasploit.com/download Current source:...

8AI score