6 matches found
EUVD-2009-4636
Malware in sbrugna...
Lytebox - Local File Inclusion
The wp-lytebox WordPress plugin was affected by a Local File Inclusion security vulnerability...
Directory traversal
Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pg parameter...
CVE-2009-4672
Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pg parameter...
CVE-2009-4672
CVE-2009-4672 : A Local File Inclusion vulnerability in WP-Lytebox 1.3 for WordPress is caused by improper filtering of the pg parameter in main.php, enabling remote attackers to include and potentially execute arbitrary local PHP files. Affected product: WP-Lytebox WordPress plugin (version 1.3)...
WP-Lytebox 'pg' Parameter Local File Inclusion
The remote host is running WP-Lytebox, a plugin for WordPress that uses Lytebox to add a lightbox functionality to HTML content. The version of WP-Lytebox installed on the remote host fails to filter user-supplied input to the 'pg' parameter of the 'main.php' script before using it to include PHP...