6 matches found
EUVD-2007-4150
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in the Unnamed theme 1.217, and Special Edition SE 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757, CVE-2007-4014, and CVE-2007-416...
CVE-2007-4166
Cross-site scripting XSS vulnerability in index.php in the Unnamed theme 1.217, and Special Edition SE 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757, CVE-2007-4014, and CVE-2007-416...
CVE-2007-4166
Cross-site scripting XSS vulnerability in index.php in the Unnamed theme 1.217, and Special Edition SE 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757, CVE-2007-4014, and CVE-2007-416...
CVE-2007-4166
CVE-2007-4166 is described in the PRION entry as an XSS vulnerability in WordPress-related themes: index.php in the Unnamed theme 1.217 and Special Edition (SE) 1.02 (before 20070804) allows remote attackers to inject arbitrary web script via the s parameter. The root cause is unsanitized input i...
WordPress Unnamed Theme <= 1.217 - XSS
Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the theme...