Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

WPVulnDB
WPVulnDBadded 2014/08/01 10:59 a.m.350 views

NOSpamPTI 2.1 - wp-comments-post.php comment_post_ID Parameter SQL Injection

The nospampti WordPress plugin was affected by a wp-comments-post.php commentpostID Parameter SQL Injection security vulnerability...

7.5CVSS2.7AI score0.01563EPSS
Exploits6References2Affected Software1
Cvelist
Cvelistadded 2013/09/23 10:0 a.m.22 views

CVE-2013-5917

SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the commentpostID parameter...

8.3AI score0.01563EPSS
Exploits6References1
CVE
CVEadded 2013/09/23 10:0 a.m.90 views

CVE-2013-5917

The CVE-2013-5917 entry concerns the WordPress NOSpamPTI plugin (version 2.1). The vulnerability is a SQL injection in wp-comments-post.php via the comment_post_ID parameter, enabling remote attackers to manipulate the database and potentially exfiltrate data. Multiple connected sources confirm t...

7.5CVSS8.4AI score0.01563EPSS
Exploits6References1Affected Software1
Packet Storm
Packet Stormadded 2013/09/20 12:0 a.m.45 views

WordPress NOSpamPTI 2.1 Blind SQL Injection

NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira http://bit.ly/d38gB8, but some themes do not support changes to the functions.php to this we alter this function...

7.5CVSS0.4AI score0.01563EPSS
Exploits6
OSV
OSVadded 2012/04/21 11:55 p.m.1 views

DEBIAN-CVE-2012-2404

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors...

4.3CVSS5.7AI score0.02327EPSS
Exploits0References1
Patchstack
Patchstackadded 2012/04/21 12:0 a.m.24 views

WordPress <= 3.3.1 - XSS #1

This vulnerability is in the wp-comments-post.php. It allows the attackers to conduct XSS attacks via unspecified vectors. Solution Update WordPress...

4.3CVSS5.4AI score0.02327EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2012/01/03 12:0 a.m.10 views

WordPress <= 3.3.0 - XSS

Because of this vulnerability in wp-comments-post.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

2.6CVSS1.9AI score0.00601EPSS
Exploits1References1Affected Software1
seebug.org
seebug.orgadded 2009/07/27 12:0 a.m.25 views

WordPress 'wp-comments-post.php'跨站脚本漏洞

WordPress 2.8.1 WordPress是一款流行的blog系统。 WordPress 'wp-comments-post.php'不正确处理用户输入,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 'wp-comments-post.php'脚本对评注信息缺少过滤,提交恶意脚本代码并诱使用户访问可导致获得目标用户浏览器COOKIE等敏感信息。 Bugraq ID: 35797 CNCAN ID:CNCAN-2009072508 厂商解决方案 目前没有解决方案提供: http://wordpress.org/...

6.9AI score
Exploits0
exploitpack
exploitpackadded 2009/07/24 12:0 a.m.10 views

WordPress 2.8.1 - url Cross-Site Scripting

WordPress 2.8.1 - url Cross-Site Scripting !/bin/bash echo "wp281.quickprz // iso^kpsbr" SITE=$1 COMMENT=$2 MESSAGE="h4x0riZed by the superfreakaz0rz" if "X$SITE" = "X" ; then echo "$0 postID" echo "f.e. $0 www.worstpress.eu" exit fi if "X$POSTID" = "X" ; then POSTID=1 fi echo "+ building payload...

6.8AI score
Exploits0
Rows per page
Query Builder