Lucene search
K

59 matches found

wpexploit
wpexploit
added 2022/10/19 12:0 a.m.103 views

Webmaster Tools Verification <= 1.2 - Unauthenticated Arbitrary Plugin Deactivation

The plugin does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins curl -X POST --data "wmtvuninstall=1&wmtvuninstallconfirm=1&plugin=akismet/akismet.php" https://example.com...

6.5CVSS2.7AI score0.00349EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/10/19 12:0 a.m.10 views

Webmaster Tools Verification <= 1.2 - Unauthenticated Arbitrary Plugin Deactivation

The plugin does not have authorisation and CSRF checks when disabling plugins, allowing unauthenticated users to disable arbitrary plugins PoC curl -X POST --data "wmtvuninstall=1uninstallconfirm=1=akismet/akismet.php" https://example.com...

6.5CVSS3.3AI score0.00349EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2022/10/19 12:0 a.m.20 views

WordPress Webmaster Tools Verification plugin <= 1.2 - Unauthenticated Arbitrary Plugin Deactivation vulnerability

Unauthenticated Arbitrary Plugin Deactivation vulnerability discovered by Daniel Ruf in WordPress Webmaster Tools Verification plugin versions = 1.2. Solution Deactivate and delete. This plugin has been closed as of October 19, 2022 and is not available for download. This closure is temporary,...

6.5CVSS2.4AI score0.00349EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2021/11/05 4:15 p.m.25 views

Cross site scripting

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

4.3CVSS6.2AI score0.0081EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.9 views

PT-2021-22582 · Seo Panel · Seo Panel

Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: Multiple Cross Site Scripting XSS vulnerabilities exist in SEO Panel via several parameters in various PHP files. The affected parameters include to time in files such as backlinks.php, analytics.php, and...

6.1CVSS6.2AI score0.0081EPSS
Exploits1References6
CNVD
CNVD
added 2021/03/26 12:0 a.m.10 views

SEO Panel Cross-Site Scripting Vulnerability (CNVD-2021-23383)

SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. The vulnerability can be exploited to inject JavaScript via the totime parameter in webmaster-tools.php...

4.8CVSS5.9AI score0.00755EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/26 12:0 a.m.8 views

SEO Panel 跨站脚本漏洞

SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. The vulnerability can be exploited to inject JavaScript via the totime parameter in webmaster-tools.php...

7.5CVSS5.2AI score0.01155EPSS
Exploits2References2
OSV
OSV
added 2021/03/25 8:15 p.m.17 views

CVE-2021-29008

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "totime" parameter...

4.8CVSS5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/03/25 12:0 a.m.7 views

PT-2021-18021 · Seo Panel · Seo Panel

Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: A cross-site scripting issue allows remote attackers to inject JavaScript code. The issue is exploited via the "webmaster-tools.php" endpoint, specifically through the to time parameter. Recommendations: F...

4.8CVSS4.8AI score0.00755EPSS
Exploits1References5
CNVD
CNVD
added 2019/11/15 12:0 a.m.1 views

Code Execution Vulnerability in Online Titanium Article Management System (OTCMS)

Nettitanium technology is committed to article management system, article news CMS, webmaster tools class of research and development, Nettitanium article management system station adopts mainstream DIV + CSS framework layout, applicable to the news release type of website, but also applies to...

7.9AI score
Exploits0
Exploit DB
Exploit DB
added 2018/01/03 12:0 a.m.50 views

WordPress Plugin Smart Google Code Inserter &lt; 3.5 - Authentication Bypass / SQL Injection

Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...

9.8CVSS9.5AI score0.91477EPSS
Exploits6
exploitpack
exploitpack
added 2018/01/03 12:0 a.m.80 views

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/...

7.5CVSS0.9AI score0.91477EPSS
Exploits6
Drupal
Drupal
added 2017/05/24 12:0 a.m.16 views

Site Verify - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2017-051

The Site Verify module enables privilege users to verify a site with services like Google Webmaster Tools using meta tags or file uploads. The module doesn't sufficiently sanitize input or restrict uploads. This vulnerability is mitigated by the fact that an attacker must have a role with the...

6.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2015/02/24 11:38 a.m.15 views

Google Broadens Scope of Unwanted Software Warnings

Google yesterday announced that it would expand its browser security efforts with a new warning in Chrome about unwanted software to caution users about accessing sites that are known to encourage unsafe downloads. The Mountain View, Calif., search and browsing giant has invested serious resource...

0.5AI score
Exploits0References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

CGIScript.net csPassword.CGI 1.0 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4887/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. A vulnerability has been reported in the csPassword.cgi script developed by CGIScript.net that discloses...

7.1AI score
Exploits0
Atlassian
Atlassian
added 2014/05/26 1:6 p.m.21 views

Indexable User Content (Attachments) on Google

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-47021. panel User content uploaded onto answers.atlassian.com is indexable by Google due to the lack of appropriate indexing...

0.1AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2011/01/02 12:18 p.m.18 views

Torrent-Finder fighting with Google for Domain !

The US government - along with organizations like the RIAA and the MPAA - are hitting Torrent sites where it hurts. Indeed, due to a slew of recent domain seizures, affected websites are currently experiencing major dips in traffic. However, Torrent-Finder is refusing to throw in the towel. The...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/09/29 1:57 p.m.13 views

Google Expands Malware-Alert Services for Site Operators

Google is expanding the set of tools it makes available to Webmasters to help them detect and remove malware infections on their sites, adding a new alert service that will let the owners of large blocks of sites know as early as possible about the presence of malicious content on any of the site...

1.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2009/10/13 1:33 p.m.11 views

Google to Provide Samples of Malicious Code to Webmasters

Google is making a significant change in the way that it handles legitimate sites that have been compromised and are serving up malware. The search giant announced Monday that it will now provide webmasters with specific examples of the malicious code that was used to compromise their sites. For...

0.3AI score
Exploits0References3
Rows per page
Query Builder