PT-2012-1989 · WordPress +1 · Wordpress +1

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.3.1 and earlier Description: The installation component in WordPress does not ensure that the specified MySQL database service is appropriate, allowing remote attackers to configure an arbitrary database via the dbhost an...

PT-2012-1988 · WordPress +1 · Wordpress +1

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.3.1 and earlier Description: The installation component in WordPress generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid. This makes it easier fo...

WordPress 3.3.1 Code Execution / Cross Site Scripting

Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product...

WordPress 3.3.1 Code Execution / Cross Site Scripting

No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version...

WordPress <= 3.3.1 - Multiple Vulnerabilities

WordPress version 3.3.1 is prone to PHP code execution and persistent cross-site scripting vulnerabilities via "setup-config.php" page. The attackers can host their own MySQL database server and then successfully complete the WordPress installation without having any valid credentials on the targ...

WordPress <= 3.3.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product description:...

WordPress <= 3.3.1 - Multiple XSS

Because of these vulnerabilities in wp-admin/setup-config.php, the attackers can inject arbitrary web script or HTML. Solution Update WordPress...

WebTitan Appliance 3.50.x Script Insertion

Title: ====== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities Date: ===== 2012-01-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=89 VL-ID: ===== 89 Introduction: ============= WebTitan is a complete internet monitoring software web filter which provides...

WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities

Document Title: =============== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=89 Release Date: ============= 2012-01-12 Vulnerability Laboratory ID VL-ID: ==================================== 89...

WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities

Document Title: =============== WebTitan Appliance v3.50.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=89 Release Date: ============= 2012-01-12 Vulnerability Laboratory ID VL-ID: ==================================== 89...

CVE-2011-5053

The Wi-Fi Protected Setup WPS protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or...

CVE-2011-5053

The Wi-Fi Protected Setup WPS protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or...

CVE-2011-5053

The CVE-2011-5053 issue concerns Wi-Fi Protected Setup (WPS) external registrar PIN authentication, where failed PINs leak information via EAP-NACK messages, enabling an attacker within range to brute-force the 8-digit PIN and obtain the network password or reconfigure the AP. Documented impact i...

Cross site scripting

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool

I'm a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing...

TextPattern 4.4.1 - ddb Cross-Site Scripting

TextPattern 4.4.1 - ddb Cross-Site Scripting source: https://www.securityfocus.com/bid/51254/info TextPattern is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Reaver - WiFi Protected Setup (WPS)

Exploit Title: Reaver WiFi Protected Setup Exploit Google Dork: Date: 28 December 2011 Author: [email protected] Software Link: http://www.tacnetsol.com/products/ Version: All 802.11 access points implementing WiFi Protected Setup and have it enabled. Tested on: Access points from Linksys,...

Reaver - WiFi Protected Setup (WPS)

Reaver - WiFi Protected Setup WPS Exploit Title: Reaver WiFi Protected Setup Exploit Google Dork: Date: 28 December 2011 Author: [email protected] Software Link: http://www.tacnetsol.com/products/ Version: All 802.11 access points implementing WiFi Protected Setup and have it enabled. Tested...