17 matches found
CVE-2025-49049
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Gallery: from n/a through = 12.39...
WordPress DZS Videogallery Plugin Cross-Site Scripting
A cross-site scripting vulnerability exists in WordPress DZS Videogallery Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities
No description provided by source...
WordPress DZS Videogallery Plugin Multiple Vulnerabilities
WordPress DZS Videogallery Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Plugin DZS Videogallery 8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery 8.60 - Multiple Vulnerabilities Exploit Title: Wordpress DZS Videogallery Plugin - Multiple Vulnerabilities --------------------------------------- Unauthenticated CSRF & XSS POC:...
WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities
Exploit Title: Wordpress DZS Videogallery Plugin - Multiple Vulnerabilities --------------------------------------- Unauthenticated CSRF & XSS POC: http://target/wp-content/plugins/dzs-videogallery/admin/tagseditor/popup.php?initer=whatava18642%27%3balert%281%29%2f%2f645 Line 13-15 unsanitized...
WordPress DZS Videogallery Plugin <= 8.60 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Wordpress DZS Videogallery Plugin - Multiple Vulnerabilities --------------------------------------- Unauthenticated CSRF & XSS POC:...
williamjobrien.org XSS vulnerability
Vulnerable URL: http://williamjobrien.org/wp-content/plugins/dzs-videogallery/ajax.php?ajax=true=400=610&type=vimeo=%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 22.11.2017 Latest check for patch:| 22.11.2017 09:43 GMT Vulnerability type:| XSS...
DZS Video Gallery Plugin - RCE & More
The dzs-videogallery WordPress plugin was affected by a RCE & More security vulnerability...
DZS Video Gallery - preview_skin_rouge.swf logoLink Parameter Reflected XSS
The dzs-videogallery WordPress plugin was affected by a previewskinrouge.swf logoLink Parameter Reflected XSS security vulnerability...
WordPress Plugin DZS-VideoGallery - Cross-Site Scripting Command Injection
WordPress Plugin DZS-VideoGallery - Cross-Site Scripting Command Injection source: https://www.securityfocus.com/bid/68525/info WordPress DZS-VideoGallery plugin is prone to multiple cross site scripting vulnerabilities and a command-injection vulnerability. An attacker may leverage these issues ...
WordPress Plugin DZS-VideoGallery - Cross-Site Scripting / Command Injection
source: https://www.securityfocus.com/bid/68525/info WordPress DZS-VideoGallery plugin is prone to multiple cross site scripting vulnerabilities and a command-injection vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
WordPress DZS-VideoGallery ‘ajax.php’跨站脚本漏洞
Bugtraq ID:65526 WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。DZS-VideoGallery是其中的一个DZS视频库插件。 WordPress DZS-VideoGallery插件中存在跨站脚本漏洞,该漏洞源于程序没有正确过滤用户提交的输入。当用户浏览被影响的网站时,其浏览器将执行攻击者提供的任意脚本代码,这可能导致攻击者窃取基于cookie的身份认证并发起其它攻击。 0 WordPress DZS-VideoGallery...
WordPress DZS-VideoGallery Cross Site Scripting
Exploit Title : Wordpress dzs-videogallery plugin Cross site scripting Vulnerability Exploit Author : Adrian Vendor Homepage : http://digitalzoomstudio.net/ Google Dork : inurl:/wp-content/plugins/dzs-videogallery Date : 2014/01/25 Tested on : Windows 8 , Linux...
WordPress dzs-videogallery Plugins Remote File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress dzs-videogallery Plugins Remote File Upload Vulnerability Author: iskorpitx Date: 22/11/2013 Vendor Homepage: http://digitalzoomstudio.net Themes Link: http://digitalzoomstudio.net/docs/wpvideogallery/ Infected File:...
WordPress Plugin dzs-videogallery - Arbitrary File Upload
WordPress Plugin dzs-videogallery - Arbitrary File Upload Exploit Title: WordPress dzs-videogallery Plugins Remote File Upload Vulnerability Author: iskorpitx Date: 22/11/2013 Vendor Homepage: http://digitalzoomstudio.net Themes Link: http://digitalzoomstudio.net/docs/wpvideogallery/ Infected Fil...
Joomla! Component com_videogallery - Local File Inclusion SQL Injection
Joomla! Component comvideogallery - Local File Inclusion SQL Injection source: https://www.securityfocus.com/bid/53237/info The Video Gallery component for Joomla! is prone to local file-include and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attack...