24 matches found
EUVD-2008-4712
Malware in sbrugna...
EUVD-2008-4714
Malware in sbrugna...
EUVD-2008-4713
Malware in sbrugna...
EUVD-2024-22296
Malicious code in bioql PyPI...
CVE-2024-1350
Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3...
CVE-2024-24933
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prasidhda Malla Honeypot for WP Comment allows Reflected XSS.This issue affects Honeypot for WP Comment: from n/a through 2.2.3...
CVE-2024-24933
CVE-2024-24933 refers to a reflected Cross‑Site Scripting (XSS) vulnerability in the Honeypot for WP Comment plugin for WordPress (versions up to 2.2.3). The flaw allows unauthenticated attackers to inject scripts via the page parameter and is currently marked as Unpatched (no fix available in th...
WordPress Honeypot for WP Comment Plugin <= 2.2.3 is vulnerable to Arbitrary File Deletion
Software Honeypot for WP Comment Type Plugin Vulnerable versions = 2.2.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary File Deletion CVE CVE-2024-1350 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 972e393f6005...
WP Comment Twit <= 0.5 - Multiple CSRF
Plugin is still affected and has been closed...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the wpcrdooptionspage function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcrhiddenforminput parameter...
CVE-2008-4732
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4734
Cross-site request forgery CSRF vulnerability in the wpcrdooptionspage function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcrhiddenforminput parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...
Sql injection
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4733
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...
CVE-2008-4732
Summary of CVE-2008-4732 : The WP Comment Remix WordPress plugin is affected by an SQL injection in the file ajax_comments.php . The vulnerability allows remote attackers to execute arbitrary SQL commands through the p parameter. Affected version range is plugin versions before 1.4.4 . The issue ...
CVE-2008-4734
The CVE-2008-4734 entry describes a Cross-Site Request Forgery in the WordPress plugin WP Comment Remix (before 1.4.4). The vulnerability affects the wpcr_do_options_page function, where an attacker can trigger unauthorized administrator actions by crafting a request that sets the wpcr_hidden_for...
CVE-2008-4733
CVE-2008-4733 concerns the WP Comment Remix WordPress plugin. The vulnerability is an XSS in wpcommentremix.php affecting versions before 1.4.4, exploitable by supplying crafted values for the parameters (replytotext, quotetext, originallypostedby, sep, maxtags, tagsep, tagheadersep, taglabel, ta...
CVE-2008-4732
SQL injection vulnerability in ajaxcomments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter...
CVE-2008-4733
Cross-site scripting XSS vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 replytotext, 2 quotetext, 3 originallypostedby, 4 sep, 5 maxtags, 6 tagsep, 7 tagheadersep, 8 taglabel, and 9...