WordPress 3.3.1 Code Execution / Cross Site Scripting

No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version...

WordPress 3.3.1 Code Execution / Cross Site Scripting

Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product...

WordPress <= 3.3.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product description:...

WordPress <= 3.3.1 - Multiple Vulnerabilities

WordPress version 3.3.1 is prone to PHP code execution and persistent cross-site scripting vulnerabilities via "setup-config.php" page. The attackers can host their own MySQL database server and then successfully complete the WordPress installation without having any valid credentials on the targ...

WordPress <= 3.3.1 - Multiple XSS

Because of these vulnerabilities in wp-admin/setup-config.php, the attackers can inject arbitrary web script or HTML. Solution Update WordPress...

WebTitan Appliance 3.50.x Script Insertion

Title: ====== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities Date: ===== 2012-01-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=89 VL-ID: ===== 89 Introduction: ============= WebTitan is a complete internet monitoring software web filter which provides...

WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities

Document Title: =============== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=89 Release Date: ============= 2012-01-12 Vulnerability Laboratory ID VL-ID: ==================================== 89...

WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities

Document Title: =============== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=89 Release Date: ============= 2012-01-12 Vulnerability Laboratory ID VL-ID: ==================================== 89...

CVE-2011-5053

The Wi-Fi Protected Setup WPS protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or...

CVE-2011-5053

The Wi-Fi Protected Setup WPS protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or...

CVE-2011-5053

The CVE-2011-5053 issue concerns Wi-Fi Protected Setup (WPS) external registrar PIN authentication, where failed PINs leak information via EAP-NACK messages, enabling an attacker within range to brute-force the 8-digit PIN and obtain the network password or reconfigure the AP. Documented impact i...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool

I'm a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing...

TextPattern 4.4.1 - ddb Cross-Site Scripting

TextPattern 4.4.1 - ddb Cross-Site Scripting source: https://www.securityfocus.com/bid/51254/info TextPattern is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Reaver - WiFi Protected Setup (WPS)

Reaver - WiFi Protected Setup WPS Exploit Title: Reaver WiFi Protected Setup Exploit Google Dork: Date: 28 December 2011 Author: [email protected] Software Link: http://www.tacnetsol.com/products/ Version: All 802.11 access points implementing WiFi Protected Setup and have it enabled. Tested...

Reaver - WiFi Protected Setup (WPS)

Exploit Title: Reaver WiFi Protected Setup Exploit Google Dork: Date: 28 December 2011 Author: [email protected] Software Link: http://www.tacnetsol.com/products/ Version: All 802.11 access points implementing WiFi Protected Setup and have it enabled. Tested on: Access points from Linksys,...

Attack Tool Released for WPS PIN Vulnerability

Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup WPS standard that enables attackers to recover the router PIN, a security firm has published an open-source tool capable of exploiting the vulnerability. The tool, known as Reaver,...

Reaver brute force attack Tool, Cracking WPA in 10 Hours

Reaver brute force attack Tool, Cracking WPA in 10 Hours The WiFi Protected Setup protocol is vulnerable to a brute force attack that allows an attacker to recover an access point's WPS pin, and subsequently the WPA/WPA2 passphrase, in just a matter of hours. Reaver is a WPA attack tool developed...