|
257711
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is no…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5295
|
2014-01-22 02:19 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257712
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress before 3.0.2 allow remote servers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5294
|
2014-01-22 02:18 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257713
|
- |
|
wordpress
|
wordpress
|
wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5293
|
2014-01-22 02:16 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257714
|
- |
|
sonatype
|
nexus
|
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
|
CWE-94
Code Injection
|
CVE-2014-0792
|
2014-01-21 23:14 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257715
|
- |
|
rick_mead
|
media_library_categories
|
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) bulk parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6630
|
2014-01-18 04:16 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257716
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for r…
|
CWE-352
Origin Validation Error
|
CVE-2012-6629
|
2014-01-18 03:51 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257717
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) xyz_em_campNa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6628
|
2014-01-18 03:50 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257718
|
- |
|
xyzscripts
|
newsletter_manager
|
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6627
|
2014-01-18 03:35 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257719
|
- |
|
cisco
|
webex_meetings_server
|
The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source co…
|
CWE-255
Credentials Management
|
CVE-2013-6687
|
2014-01-18 00:12 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257720
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio…
|
CWE-20
Improper Input Validation
|
CVE-2013-7113
|
2014-01-17 14:20 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
