EUVD-2015-9299

Malware in sbrugna...

WordPress searchterms-tagging-2 plugin SQL injection vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. searchterms-tagging-2 is an SEO Search Engine Optimization plugin used in it. The WordPress searchterms-tagging-2 plugin suffers...

WordPress searchterms-tagging-2 plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. searchterms-tagging-2 is an SEO Search Engine Optimization plugin used in it. A cross-site scripting vulnerability exists in the...

CVE-2015-9459

The CVE-2015-9459 entry concerns the WordPress plugin searchterms-tagging-2 (through version 1.535) and describes a cross-site scripting (XSS) vulnerability exploitable via the wp-admin/options-general.php count parameter. Affected component: the searchterms-tagging-2 plugin for WordPress. Root c...

WordPress SearchTerms Tagging Plugin <= 2 1.535 - Authenticated SQL Injection

Because of this vulnerability, authenticated administrators can execute arbitrary SQL commands. Solution Upgrade the plugin...

WordPress SearchTerms Tagging Plugin <= 2 1.535 - Authenticated SQL Injection

Because of this vulnerability, authenticated administrators can execute arbitrary SQL commands. Solution Upgrade the plugin...

SEO SearchTerms Tagging 2 <= 1.535 - XSS & Authenticated SQL Injection

Plugin is still affected and has been closed...

Cross site scripting

Cross-site scripting XSS vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024...

CVE-2008-5193

CVE-2008-5193 describes a Cross-site scripting (XSS) vulnerability in W1L3D4 Philboard, specifically in the file search.asp for versions 1.14 and 1.2. The underlying issue allows an attacker to inject arbitrary web script or HTML via the searchterms parameter. The related CVE notes a potential ov...

Cross site scripting

Cross-site scripting XSS vulnerability in admin.php in LifeType 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the searchTerms parameter in an editArticleCategories operation aka an admin category search...

LifeType searchTerms参数跨站脚本漏洞

BUGTRAQ ID: 29017 LifeType是一款开放源码的博客平台。 LifeType的admin.php文件中没有正确过滤searchTerms参数输入便返回给了管理员，如果将op设置为editArticleCategories的话，允许远程攻击者通过跨站脚本攻击导致在管理员浏览器会话环境中执行任意HTML和脚本代码。 LifeType 1.2.7 LifeType -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://prdownloads.sourceforge.net/lifetype/lifetype-1.2.8.tar....

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Savvy Content Manager CM allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to 1 searchresults.cfm, 2 searchresults.cfm, and 3 searchresults/index.cfm. NOTE: the provenance of this information is unknown...

CVE-2008-1306

Multiple cross-site scripting XSS vulnerabilities in Savvy Content Manager CM allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to 1 searchresults.cfm, 2 searchresults.cfm, and 3 searchresults/index.cfm. NOTE: the provenance of this information is unknown...

CVE-2007-4024

Cross-site scripting XSS vulnerability in W1L3D4aramasonuc.asp in W1L3D4 Philboard 0.3 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in W1L3D4aramasonuc.asp in W1L3D4 Philboard 0.3 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in philboardsearch.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-3885

Cross-site scripting XSS vulnerability in philboardsearch.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

GreatDomainsXSS.txt

GreatDomains.com - XSS with cookie disclosure ---------------------------------------------- Type: Cross site scripting Date: June, 16th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz...

CVE-2005-4247

Cross-site scripting XSS vulnerability in index.php in Plogger Beta 2 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter...

CVE-2005-4247

The CVE-2005-4247 entry concerns Plogger Beta 2 and earlier, with a Cross-site scripting (XSS) vulnerability in index.php exploitable via the searchterms parameter. The vulnerability can cause an attacker to inject arbitrary web script or HTML, with the impact limited to partial integrity comprom...