Lucene search
K

144 matches found

Packet Storm
Packet Storm
added 2013/01/14 12:0 a.m.22 views

WordPress Daily Edition Mouss XSS / Disclosure / Shell Upload

Hello list! I want to warn you about multiple vulnerabilities in Daily Edition Mouss theme for WordPress. In 2011 when I wrote about Cross-Site Scripting WASC-08, Full path disclosure WASC-13, Abuse of Functionality WASC-42 and Denial of Service WASC-10 vulnerabilities in TimThumb and multiple...

7.4AI score
Exploits0
0day.today
0day.today
added 2013/01/13 12:0 a.m.18 views

Wordpress display theme Full Path Disclosure vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/12/18 12:0 a.m.11 views

WordPress Rokbox Plugin Multiple Vulnerabilities

WordPress Rokbox Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress...

7.3AI score
Exploits0References3
securityvulns
securityvulns
added 2012/12/18 12:0 a.m.96 views

Multiple vulnerabilities in RokBox for WordPress

Hello 3APA3A! I want to warn you about multiple security vulnerabilities in plugin Rokbox for WordPress. These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service, Arbitrary File Upload, Content Spoofing and Information Leakage vulnerabilities. Rokbox uses...

6.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/17 12:0 a.m.19 views

WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf?abouttext' Cross-Site Scripting

source: https://www.securityfocus.com/bid/56953/info The TimThumb plug-in for WordPress is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. Multiple security-bypass vulnerabilities 3. An arbitrary file-upload vulnerability 4. An...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/15 12:0 a.m.25 views

WordPress RokBox Multiple Vulnerabilities

These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service, Arbitrary File Upload, Content Spoofing and Information Leakage vulnerabilities. Rokbox uses TimThumb 1.16 and JW Player 4.4.198, so some of vulnerabilities are related to plugin itself, some to...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2012/12/14 1:51 p.m.16 views

DDoS Attacks on Major US Banks Resurface

UPDATE — The group that claimed responsibility for large-scale distributed denial-of-service attacks against major U.S. banks in September and October has carried out another flurry of attacks that are still ongoing today. Izz ad-Din al-Qassam Cyber Fighters posted its latest threat on Pastebin,...

7.5AI score
Exploits0References6
0day.today
0day.today
added 2012/06/29 12:0 a.m.13 views

GetSimple Plugins - The Photo Gallery Timthumb Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/14 12:0 a.m.37 views

WordPress Katalyst Timthumb 1.0 Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/06/13 12:0 a.m.32 views

Wordpress Plugins (katalyst-timthumb 1.0) File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/04/10 12:0 a.m.170 views

WordPress thumbnail script timthumb. php exploit detailed explanation-vulnerability warning-the black bar safety net

timthumb. php is a very popular Wordpress thumbnail script. Abroad some of the very famous themes are used in this plugin, such as Woothemes, etc. Vulnerability is mainly because of the timthumb by default defines a including Flickr, Picasa and other famous photo sharing site to the white list...

7.7AI score
Exploits0
Dsquare
Dsquare
added 2012/01/26 12:0 a.m.181 views

Timthumb 1.32 File Upload

Remote file upload vulnerability in Timthumb Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

6.8CVSS0.6AI score0.23165EPSS
Exploits17References1
Tenable Nessus
Tenable Nessus
added 2011/11/08 12:0 a.m.68 views

TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload

The version of TimThumb hosted on the remote web server allows an unauthenticated, remote attacker to upload arbitrary PHP files as specified by input to the 'src' parameter and retrieved from third- party sites to its cache directory. It's likely that these files can then be executed by requesti...

6.8CVSS9AI score0.23165EPSS
Exploits17References3
Tenable Nessus
Tenable Nessus
added 2011/11/03 12:0 a.m.14 views

TimThumb Application Detection

Binary data 6058.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/03 12:0 a.m.12 views

TimThumb Arbitrary Code Injection

Binary data 6059.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/03 12:0 a.m.13 views

TimThumb Version Detection

Binary data 6060.prm...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/11/02 4:19 p.m.4 views

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2011/11/02 4:19 p.m.18 views

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2011/11/02 2:38 p.m.11 views

Compromised WordPress Sites Redirecting to Black Hole Exploit Kit Servers

The Black Hole exploit kit is really becoming a serious pain in the neck for people trying to use the Internet. At some point, it may become easier to start a list of the URLs that aren’t hosting the exploit kit, rather than the ones that are. For the time being, the latest entry in the latter...

0.4AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/10/18 12:0 a.m.18 views

FreeBSD : PivotX -- Remote File Inclusion Vulnerability of TimThumb (e454ca2f-f88d-11e0-b566-00163e01a509)

The PivotX team reports : TimThumb domain name security bypass and insecure cache handling. PivotX before 2.3.0 includes a vulnerable version of TimThumb. If you are still running PivotX 2.2.6, you might be vulnerable to a security exploit, that was patched previously. Version 2.3.0 doesn't have...

5.5AI score
Exploits0References1
Rows per page
Query Builder