46 matches found
EUVD-2014-8640
Malware in sbrugna...
EUVD-2015-9254
Malware in sbrugna...
EUVD-2014-8639
Malware in sbrugna...
EUVD-2011-3798
Malware in sbrugna...
EUVD-2015-3371
Malware in sbrugna...
EUVD-2013-2633
Malware in sbrugna...
CVE-2015-9414
The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...
WordPress Symposium Plugin SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Symposium Plugin SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in the WP Symposium plugin befor...
WP Symposium Plugin for WordPress < 15.8 SQL Injection
The WordPress WP Symposium Plugin installed on the remote host is affected by a SQL Injection. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
WordPress wp-symposium plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-symposium is a social networking plugin used in it. A cross-site scripting vulnerability exists in the WordPress wp-symposium plugi...
Code injection
The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...
WP Symposium Plugin Arbitrary File Upload
The WP Symposium Plugin for WordPress running on the remote web server is affected with an remote file upload vulnerability. A remote, unauthenticated attacker can exploit this vulnerability, via a specially crafted request, allowing an attacker to execute arbitrary code on the target web...
WordPress Symposium Plugin SQL Injection (CVE-2015-6522)
An SQL injection vulnerability exists in the WordPress Symposium Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
WP Symposium Plugin for WordPress forum_functions.php 'topic_id' Parameter SQLi
The WordPress WP Symposium Plugin installed on the remote host is affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input to the 'topicid' parameter of the forumfunctions.php script. An unauthenticated, remote attacker can exploit this issue to conduct ...
WordPress WP Symposium Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.WP Symposium is one of the social networking plug-ins. A SQL injection vulnerability exists in WordPress WP Symposium plugin...
CVE-2015-6522
CVE-2015-6522 is a SQL injection vulnerability in the WordPress WP Symposium plugin, affecting versions before 15.8. The flaw allows remote attackers to execute arbitrary SQL commands through the size parameter of get_album_item.php. Documented sources confirm the vulnerability and its exposure v...
WordPress Symposium Plugin 15.1 - Blind SQL Injection
Because of this vulnerability an attacker can extract information from the database. Solution Upgrade to version 15.8...
WordPress Symposium Plugin 15.1 - SQL Injection #2
WP Symposium plugin's "size" parameter is prone to an SQL injection via getalbumitem.php. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Related records:...
CVE-2015-3325
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERYSTRING to the default URI...
Sql injection
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERYSTRING to the default URI...