PT-2025-33462 · WordPress · Add User Meta

Name of the Vulnerable Software and Affected Versions: Add User Meta plugin for WordPress versions up to and including 1.0.1 Description: The Add User Meta plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add-user-meta page. Thi...

Expinion.net News Manager Lite 2.5 - 'more.asp?ID' SQL Injection

source: https://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the 'commentadd.asp', 'search.asp',...

Majordomo 1.94.41.94.5 - Local -C Parameter (1)

Majordomo 1.94.41.94.5 - Local -C Parameter 1 source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of...

Majordomo 1.94.4/1.94.5 - Local -C Parameter (2)

// source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of several other scripts when run with the setuid...