8 matches found
EUVD-2017-14594
Malware in sbrugna...
Unrestricted File Upload
backdrop is vulnerable to unrestricted file upload. The vulnerability exists in the themes module which allows an attacker to upload a malicious file as a theme for the theme installer, which can execute arbitrary code...
WonderCMS 操作系统命令注入漏洞
WonderCMS is a PHP-based open source content management system CMS. WonderCMS 3.1.3 exists an operating system command injection vulnerability, the vulnerability stems from an operating system command injection vulnerability in the installUpdateThemePluginAction function in index.php, which allow...
CVE-2017-5490
Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...
Cross site scripting
Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...
CVE-2017-5490
Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...
UBUNTU-CVE-2017-5490
Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...
CVE-2017-5490
Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...