15 matches found
CVE-2018-16725
An issue is discovered in baijiacms V4. XSS exists via the assets/weengine/components/zclip/ZeroClipboard.swf id parameter, aka "Non-standard use of the flash component."...
CVE-2018-16725
An issue is discovered in baijiacms V4. XSS exists via the assets/weengine/components/zclip/ZeroClipboard.swf id parameter, aka "Non-standard use of the flash component."...
worldstarhiphop.com XSS vulnerability
Vulnerable URL: http://www.worldstarhiphop.com/videos/swf/ZeroClipboard.swf?id=%22catcheif!self.aself.a=!alert%27OPENBUGBOUNTY%27// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
WordPress WP TopBar Plugin <= 3.04 - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability in ZeroClipboard.swf. Solution Update the plugin...
allure-real-estate-theme-for-placester <= 0.1.1 - XSS in ZeroClipboard.swf
The Allure Real Estate Theme for Placester WordPress theme was affected by a XSS in ZeroClipboard.swf security vulnerability...
montezuma <= 1.1.3 - XSS in ZeroClipboard.swf
The Montezuma WordPress theme was affected by a XSS in ZeroClipboard.swf security vulnerability...
wp-topbar <= 3.04 - XSS in ZeroClipboard.swf
The WP-TopBar WordPress plugin was affected by a XSS in ZeroClipboard.swf security vulnerability...
1-flash-gallery <= 1.9.0 - XSS in ZeroClipboard.swf
Description The 1-flash-gallery WordPress plugin was affected by a XSS in ZeroClipboard.swf security vulnerability...
WordPress Scarlet Theme <= 1.1.3 - XSS
This WordPress theme is prone to a cross-site scripting XSS vulnerability in "ZeroClipboard.swf". It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...
WordPress Montezuma Theme <= 1.1.3 - XSS
This WordPress theme is prone to a cross-site scripting XSS vulnerability in "ZeroClipboard.swf". It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...
WordPress Allure Real Estate Theme <= 0.1.1 - XSS
This WordPress theme is prone to a cross-site scripting XSS vulnerability in "in ZeroClipboard.swf". It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...
Tiki Wiki CMS Groupware version 11.0 contains a cross-site scripting (XSS) vulnerability
Overview Tiki Wiki CMS Groupware version 11.0 and possibly earlier versions contain a cross-site scripting XSS vulnerability CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Tiki Wiki CMS Groupware version 11.0 and possibly earlier...
WPtouch / WPtouch Pro XSS / Path Disclosure Vulnerabilities
WPtouch and WPtouch Pro suffer from cross site scripting and path disclosure vulnerabilities. I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in...
WordPress Search N Save XSS / Path Disclosure
Hello list! I want to inform you about vulnerabilities in Search 'N Save plugin for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in ZeroClipboard.swf, which is used in the plugin. In February I wrote about Cross-Site Scripting...
[CVE-2013-1463]Wordpress wp-table-reloaded‏ plugin XSS in SWF
Exploit Title: Wordpress wp-table-reloaded plugin XSS in SWF Release Date: 24/01/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/wp-table-reloaded.latest-stable.zip Vendor Homepage:...