WordPress NextGen Gallery跨站脚本漏洞

No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: WordPress NextGen swfupload.swf Cross Site Scripting vulnerability + Date: 09-01-2014 + Category: WebApp + Google Dork: :inurl:"/wp-content/plugins/nextgen-gallery/" + Tested on: KaliLinux + Friend's blog: www.na3il.com...

DEBIAN-CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2013-2205

The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted web site...

swfupload 2.2.0.1 swfupload.swf 跨站脚本漏洞

No description provided by source...

DEBIAN-CVE-2012-2399

Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...

CVE-2012-2399

Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...