Sql injection

SQL injection vulnerability in sshandler.php in the WordPress Spreadsheet wpSS plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ssid parameter...

CVE-2014-8363

CVE-2014-8363 affects the WordPress Spreadsheet plugin (wpSS) for WordPress, specifically version 0.62 and potentially earlier. The vulnerability is an SQL injection in ss_handler.php via the ss_id parameter, allowing remote attackers to execute arbitrary SQL commands. Multiple sources (NVD, RH, ...

CVE-2014-8364

The CVE-2014-8364 entry maps to a Cross-site Scripting (XSS) vulnerability in the WordPress Spreadsheet plugin (wpSS) for WordPress, specifically in ss_handler.php (plugin version 0.62) exploitable via the ss_id parameter to inject script/HTML. This affects wpSS 0.62 on WordPress and is reported ...

WordPress Plugin wpSS - 'ss_handler.php' SQL Injection

source: https://www.securityfocus.com/bid/69089/info The WordPress Spreadsheet plugin wpSS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application,...

WordPress WPSS 0.62 SQL Injection

|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress WPSS V 0.62 Plugin Sql injection | | Exploit Author: Ashiyane Digital Security Team | | Date : Date: 2014-08-05 | | Vendor Homepage :...

wpSS <= 0.62 - SQL Injection & XSS

The wpSS WordPress plugin was affected by a SQL Injection & XSS security vulnerability...

WordPress wpSS Plugin - SQL Injection

This WordPress wpSS plugin's "sshandler.php" is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...

WordPress Plugin wpSS - ss_handler.php SQL Injection

WordPress Plugin wpSS - sshandler.php SQL Injection source: https://www.securityfocus.com/bid/69089/info The WordPress Spreadsheet plugin wpSS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can...

WordPress wpSS插件ss_id参数SQL注入漏洞

BUGTRAQ ID: 28894 wpSS是WordPress中所使用的电子表格插件，允许在WordPress博客中嵌入交互式的电子表格。 wpSS插件的wpSS/ssload.php文件中没有正确地过滤对ssid参数的数便用在了SQL查询中： ssload.php $id = $GET'ssid'; .... ssfunctions.php: function ssload $id, $plain=FALSE .... if $wpdb-query"SELECT FROM $tablename WHERE id='$id'" == 0...

CVE-2008-1982

SQL injection vulnerability in ssload.php in the Spreadsheet wpSS 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ssid parameter...

CVE-2008-1982

CVE-2008-1982 affects the Spreadsheet (wpSS) WordPress plugin, version

wpspreadsheet-sql.txt

=========================================== There's standart sql-injection in Spreadsheet query"SELECT FROM $tablename WHERE id='$id'" == 0 .... == Visit us @ forum.antichat.ru...