33 matches found
EUVD-2013-7240
Malware in sbrugna...
CVE-2013-7482
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
WordPress reflex-gallery plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. reflex-gallery is a responsive photo gallery plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
CVE-2013-7482
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
Cross site scripting
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
CVE-2013-7482
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
CVE-2013-7482
The CVE-2013-7482 entry concerns the Reflex Gallery WordPress plugin, with the affected component being the reflex-gallery plugin for WordPress. Multiple connected sources confirm a cross-site scripting (XSS) vulnerability present in versions prior to 1.4.3. The Red Hat entry and CNVD/CVE records...
WordPress ReFlex Gallery 3.1.3 File Upload
File upload in WordPress ReFlex Gallery plugin php.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/...
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/...
CVE-2015-4133
CVE-2015-4133 concerns the ReFlex Gallery WordPress plugin (affected version: before 3.1.4). The issue is an unrestricted file upload in admin/scripts/FileUploader/php.php, allowing an attacker to upload a PHP file and access it via uploads/ to execute arbitrary code remotely. The root cause is i...
WordPress ReFlex Gallery Plugin <= 3.1.3 - Unrestricted File Upload
This vulnerability is in admin/scripts/FileUploader/php.php. It allows an attacker to execute arbitrary PHP code by uploading a file with a PHP extension. And then an attacker can access it via a direct request to the file in uploads/ directory. Solution Update the plugin...
WordPress ReFlex Gallery Plugin <= 1.4.2 - Unspecified XSS
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...
WordPress ReFlex Gallery Plugin <= 1.3 - Shell Upload
This plugin is prone to a shell upload vulnerability. Solution Update plugin...
WordPress Reflex Gallery Plugin <= 3.1.4 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
Wordpress Reflex Gallery 3.1.3 /reflex-gallery-php.php 文件上传漏洞
No description provided by source...
WordPress Reflex Gallery File Upload Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A file upload vulnerability exists in WordPress Reflex Gallery. The vulnerability allows attackers to perform arbitrary file...
WordPress Plugin Reflex Gallery - Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Reflex Gallery Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the WordPres...
WordPress Reflex Gallery Plugin - Upload Vulnerability
This vulnerability allows an attacker to upload arbitrary PHP code and execute it. Solution Upgrade the plugin...
WordPress Reflex Gallery Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Reflex Gallery Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the WordPres...