28 matches found
EUVD-2014-8640
Malware in sbrugna...
EUVD-2015-9254
Malware in sbrugna...
EUVD-2014-8639
Malware in sbrugna...
EUVD-2011-3798
Malware in sbrugna...
EUVD-2015-3371
Malware in sbrugna...
EUVD-2013-2633
Malware in sbrugna...
CVE-2015-9414
The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...
Code injection
The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...
WP Symposium Plugin for WordPress forum_functions.php 'topic_id' Parameter SQLi
The WordPress WP Symposium Plugin installed on the remote host is affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input to the 'topicid' parameter of the forumfunctions.php script. An unauthenticated, remote attacker can exploit this issue to conduct ...
WordPress WP Symposium Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.WP Symposium is one of the social networking plug-ins. A SQL injection vulnerability exists in WordPress WP Symposium plugin...
CVE-2015-6522
CVE-2015-6522 is a SQL injection vulnerability in the WordPress WP Symposium plugin, affecting versions before 15.8. The flaw allows remote attackers to execute arbitrary SQL commands through the size parameter of get_album_item.php. Documented sources confirm the vulnerability and its exposure v...
CVE-2015-3325
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERYSTRING to the default URI...
Sql injection
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERYSTRING to the default URI...
CVE-2015-3325
CVE-2015-3325 affects the WordPress WP Symposium plugin, specifically the forum.php component. The vulnerability is a SQL injection via the show parameter in the QUERY_STRING, allowing an unauthenticated, remote attacker to manipulate or disclose data in the back-end database. The issue is tied t...
CVE-2014-10021
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/...
Unrestricted file upload
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/...
CVE-2014-10021
The CVE-2014-10021 entry concerns the WP Symposium WordPress plugin (version 14.11). It describes an unauthenticated, unrestricted file upload vulnerability in UploadHandler.php that allows an attacker to upload a file with an executable extension and then access it via a direct URL to execute ar...
CVE-2014-8810
SQL injection vulnerability in ajax/mailfunctions.php in the WP Symposium plugin before 14.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tray parameter in a getMailMessage action...
CVE-2014-8809
Multiple cross-site scripting XSS vulnerabilities in the WP Symposium plugin before 14.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 text parameter in an addComment action to ajax/profilefunctions.php, 2 composetext parameter in a sendMail action to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the WP Symposium plugin before 14.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 text parameter in an addComment action to ajax/profilefunctions.php, 2 composetext parameter in a sendMail action to...