23 matches found
CVE-2025-15264 FeehiCMS TimThumb timthumb.php server-side request forgery
A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...
EUVD-2010-5262
Malware in sbrugna...
CVE-2010-5302
Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 r88, as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING...
Wordpress MyBand plugin - timthumb.php file - cross-site scripting vulnerability
No description provided by source...
copiouscash.com XSS vulnerability
Vulnerable URL: http://www.copiouscash.com/wp-content/themes/MoneyTheme/timthumb.php?src=111 .jpg Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...
viktorfrank.cz XSS vulnerability
Open Bug Bounty ID: OBB-70332 Description| Value ---|--- Affected Website:| viktorfrank.cz Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Cross site scripting
Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 r88, as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING...
CVE-2010-5303
CVE-2010-5303 describes a cross-site scripting (XSS) vulnerability in TimThumb before 1.15 (r85), specifically in the displayError function, where an attacker could inject arbitrary script/HTML via $errorString. Affected: TimThumb core used in multiple products. Impact: remote abuse of XSS. Mitig...
CVE-2009-5142
Technical details of CVE-2009-5142 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2010-5302
Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 r88, as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING...
WordPress MyBand Theme Cross Site Scripting
Exploit Title: Wordpress MyBand Theme Cross site scripting Exploit Author: Ashiyane Digital Security Team Date: 2014-08-03 Vendor Homepage :...
WordPress Gamespeed Theme Cross Site Scripting
Exploit Title : Wordpress Gamespeed Theme Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://www.dalih.net/ Date: 3/8/2014 Tested On : Linux , Windows Software Link : http://www.dalih.net/wordpress-themes/game-speed/...
Multiple Wordpress Plugin timthumb.php Vulnerabilities
No description provided by source. Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php librar...
WordPress MoneyTheme Cross Site Scripting / Shell Upload
Title : Wordpress MoneyTheme Themes XSS / Arbitrary File Upload Author : DevilScreaM Date : 10/27/2013 Category : Web Applications Type : PHP Vendor : http://themesjunction.com Link : http://themesjunction.com/theme/moneywordpresstemplate-17129.html Greetz : 0day-id.com | newbie-security.or.id |...
Some WordPress Themes, Thousands of Sites Open to XSS Vulnerability
A number of WordPress themes being distributed by the developer Parallelus are vulnerable to cross-site scripting (XSS) attacks, reports said. Themes, bits of PHP and HTML code that alter the look and functionality of sites, are usually installed via WordPress’ dashboard tool or by FTP. According t...
Multiple WordPress Plugins - timthumb.php File Upload
Multiple WordPress Plugins - timthumb.php File Upload Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the...
WordPress Multiple Plugin - timthumb.php Vulnerabilities
These plugins are prone to timthumb.php library vulnerabilities. The attacker controls a domain such as blogger.com, hosts a malicious GIF file with code appended to the end, and then provides it to the script through the src GET parameter. Solution: Upgrade the plugin...
WordPress Plugin timthumb.php Shell Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
Multiple WordPress Plugins - 'timthumb.php' File Upload
Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...
Multiple Wordpress Plugin timthumb.php Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the...