WordPress plugin WP Mobile Detector 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

mcGallery 'lang' Parameter Multiple Cross Site Scripting Vulnerabilities

背景： PhpForums.net mcGallery是一款网站图片管理脚本工具。 类型： xss 影响： 可注入任意web脚本或HTML 分析： PhpForums.net mcGallery 1.1版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助对 1admin.php, 2index.php, 3sess.php, 4stats.php, 5detail.php, 6resize.php, 7show.php的lang参数，注入任意web脚本或HTML。...

CVE-2014-4574

Cross-site scripting XSS vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter...

WordPress WebEngage Plugin <= 2.0.0 - XSS

Because of this vulnerability in resize.php, the attackers to inject arbitrary web script or HTML via the "height" parameter or renderer.php or callback.php. Solution Update the plugin...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to 1 admin.php, 2 index.php, 3 sess.php, 4 stats.php, 5 detail.php, 6 resize.php, and 7 show.php. NOTE: the provenance of this...

wppict-disclose.txt

Wordpress Plugin PictPress = release0.91 Remote File Disclosure Vulnerability D.Script : http://downloads.wordpress.org/plugin/pictpress.release-0.91.zip Vuln Code : In Line 5,6,7,8 : $path = $GET'path'; $size = $GET'size'; $base = dirnameFILE . "/.."; $cache = "$base/cache/$size/$path"; In Line ...