244001
|
4.3 |
MEDIUM
|
webengage_project
|
webengage
|
Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4574
|
2014-07-12 02:53 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244002
|
4.3 |
MEDIUM
|
keyword_strategy_internal_links_project
|
keyword_strategy_internal_links
|
Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the Keyword Strategy Internal Links plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4537
|
2014-07-12 02:37 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244003
|
4.3 |
MEDIUM
|
wordpress_social_login_project
|
wordpress_social_login
|
Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4576
|
2014-07-12 02:37 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244004
|
4.3 |
MEDIUM
|
oleggo_livestream_project
|
oleggo_livestream
|
Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_login_form.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web scrip…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4540
|
2014-07-12 02:35 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244005
|
4.3 |
MEDIUM
|
omfg_mobile_project
|
omfg_mobile
|
Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitra…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4541
|
2014-07-12 02:35 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244006
|
4.3 |
MEDIUM
|
ooorl_project
|
ooorl
|
Cross-site scripting (XSS) vulnerability in redirect.php in the Ooorl plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4542
|
2014-07-12 02:33 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244007
|
4.3 |
MEDIUM
|
wp_social_invitations_project
|
wp_social_invitations
|
Cross-site scripting (XSS) vulnerability in test.php in the WP Social Invitations plugin before 1.4.4.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl par…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4597
|
2014-07-12 02:33 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244008
|
4.3 |
MEDIUM
|
rezgo
|
online_booking
|
Multiple cross-site scripting (XSS) vulnerabilities in templates/default/index_ajax.php in the Rezgo Online Booking plugin before 1.8.2 for WordPress allow remote attackers to inject arbitrary web sc…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4547
|
2014-07-12 02:31 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244009
|
4.3 |
MEDIUM
|
wp_picasa_image_project
|
wp_picasa_image
|
Cross-site scripting (XSS) vulnerability in picasa_upload.php in the WP-Picasa-Image plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_i…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4591
|
2014-07-12 02:28 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244010
|
6.9 |
MEDIUM
|
intel
|
c202_chipset c204_chipset c206_chipset c216_chipset mobile_intel_qm67_chipset mobile_intel_qs67_chipset q67_express_chipset qm77_chipset qs77_chipset trusted_execution_tech…
|
Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C20…
|
NVD-CWE-noinfo
|
CVE-2013-5740
|
2014-07-12 00:31 |
2013-09-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244011
|
4.3 |
MEDIUM
|
redhat
|
enterprise_mrg
|
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers…
|
CWE-200
情報漏えい
|
CVE-2014-0174
|
2014-07-12 00:23 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244012
|
4.3 |
MEDIUM
|
pnp4nagios
|
pnp4nagios
|
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4908
|
2014-07-11 23:49 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244013
|
4.3 |
MEDIUM
|
polldaddy_polls_\&_ratings_plugin_project
|
polldaddy_polls_\&_ratings
|
Cross-site scripting (XSS) vulnerability in the Polldaddy Polls & Ratings plugin before 2.0.25 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a ra…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4856
|
2014-07-11 09:49 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244014
|
4.3 |
MEDIUM
|
polylang_plugin_project
|
polylang
|
Cross-site scripting (XSS) vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. N…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4855
|
2014-07-11 09:42 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244015
|
4.3 |
MEDIUM
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4853
|
2014-07-11 09:10 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244016
|
7.5 |
HIGH
|
thedigitalcraft
|
atomcms
|
SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQLインジェクション
|
CVE-2014-4852
|
2014-07-11 09:08 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244017
|
4.3 |
MEDIUM
|
wp_appointments_schedules_project
|
wp_appointments_schedules
|
Cross-site scripting (XSS) vulnerability in js/test.php in the Appointments Scheduler plugin 1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4579
|
2014-07-11 03:42 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244018
|
4.3 |
MEDIUM
|
hot_files\
|
file_sharing_and_download_manager_project
|
Cross-site scripting (XSS) vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager (wphotfiles) plugin 1.0.0 and earlier for WordPress allows remote attackers to injec…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4588
|
2014-07-11 03:11 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244019
|
4.3 |
MEDIUM
|
wp_plugin_manager_project
|
wp_plugin_manager
|
Cross-site scripting (XSS) vulnerability in wp-plugins-net/index.php in the WP Plugin Manager (wppm) plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4593
|
2014-07-11 02:54 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244020
|
5.8 |
MEDIUM
|
foecms
|
foecms
|
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter.
|
NVD-CWE-Other
|
CVE-2014-4851
|
2014-07-11 02:54 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244021
|
5.8 |
MEDIUM
|
foecms
|
foecms
|
<a href="http://cwe.mitre.org/data/definitions/601.html" target="_blank">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
|
NVD-CWE-Other
|
CVE-2014-4851
|
2014-07-11 02:54 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244022
|
4.3 |
MEDIUM
|
wu-rating_project
|
wu-rating
|
Cross-site scripting (XSS) vulnerability in wu-ratepost.php in the Wu-Rating plugin 1.0 12319 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the v parame…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4601
|
2014-07-11 02:53 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244023
|
7.5 |
HIGH
|
foecms
|
foecms
|
SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter.
|
CWE-89
SQLインジェクション
|
CVE-2014-4850
|
2014-07-11 02:51 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244024
|
4.3 |
MEDIUM
|
foecms
|
foecms
|
Multiple cross-site scripting (XSS) vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the (1) e or (2) r parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4849
|
2014-07-11 02:42 |
2014-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244025
|
4.3 |
MEDIUM
|
liferay
|
liferay_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-2963
|
2014-07-11 01:40 |
2014-07-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244026
|
4.3 |
MEDIUM
|
social_connect_project
|
social_connect
|
Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the te…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4551
|
2014-07-11 00:39 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244027
|
4.3 |
MEDIUM
|
spotlightyour
|
spotlightyour
|
Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4552
|
2014-07-11 00:39 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244028
|
4.3 |
MEDIUM
|
votecount_for_balatarin_project
|
votecount_for_balatarin
|
Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount for Balatarin plugin 0.1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) ur…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4572
|
2014-07-11 00:12 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244029
|
4.3 |
MEDIUM
|
walk_score_project
|
walk_score
|
Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4573
|
2014-07-11 00:08 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244030
|
4.3 |
MEDIUM
|
jigoshop
|
swipe_hq_checkout_for_jigoshop
|
Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop (swipe-hq-checkout-for-jigoshop) plugin 3.1.0 and earlier for WordPress allows remote attackers to injec…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4557
|
2014-07-10 23:52 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244031
|
4.3 |
MEDIUM
|
toolpage_project
|
toolpage
|
Cross-site scripting (XSS) vulnerability in includes/getTipo.php in the ToolPage plugin 1.6.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the t parame…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4560
|
2014-07-10 23:51 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244032
|
4.3 |
MEDIUM
|
wpcb_project
|
wpcb
|
Cross-site scripting (XSS) vulnerability in facture.php in the WPCB plugin 2.4.8 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4581
|
2014-07-10 23:51 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244033
|
4.3 |
MEDIUM
|
verweise-wordpress-twitter_project
|
verweise-wordpress-twitter
|
Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attac…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4566
|
2014-07-10 23:50 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244034
|
4.3 |
MEDIUM
|
videowhisper
|
video_posts_webcam_recorder
|
Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4568
|
2014-07-10 23:50 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244035
|
4.3 |
MEDIUM
|
kajona
|
kajona
|
Cross-site scripting (XSS) vulnerability in system/class_link.php in the System module (module_system) in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the syst…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4742
|
2014-07-10 23:05 |
2014-07-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244036
|
7.5 |
HIGH
|
artifectx
|
xclassified
|
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQLインジェクション
|
CVE-2014-4741
|
2014-07-10 22:49 |
2014-07-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244037
|
4.3 |
MEDIUM
|
wp_app_maker_project
|
wp_app_maker
|
Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4578
|
2014-07-10 04:00 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244038
|
4.3 |
MEDIUM
|
wp_blipbot_project
|
wp_blipbot
|
Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4580
|
2014-07-10 04:00 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244039
|
4.3 |
MEDIUM
|
wp_microblogs_project
|
wp_microblogs
|
Cross-site scripting (XSS) vulnerability in get.php in the WP Microblogs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the oauth_verifier p…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4590
|
2014-07-10 03:59 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244040
|
4.3 |
MEDIUM
|
wp_consultant_project
|
wp_consultant
|
Cross-site scripting (XSS) vulnerability in admin/admin_show_dialogs.php in the WP Consultant plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4582
|
2014-07-10 03:55 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244041
|
4.3 |
MEDIUM
|
wp_restful_project
|
wp_restful
|
Multiple cross-site scripting (XSS) vulnerabilities in the WP RESTful plugin 0.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) oauth_callback par…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4595
|
2014-07-10 03:53 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244042
|
4.3 |
MEDIUM
|
wp-business_directory_project
|
wp-business_directory
|
Multiple cross-site scripting (XSS) vulnerabilities in forms/search.php in the WP-Business Directory (wp-ttisbdir) plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary we…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4599
|
2014-07-10 03:51 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244043
|
4.3 |
MEDIUM
|
wp_ultimate_email_marketer_project
|
wp_ultimate_email_marketer
|
Multiple cross-site scripting (XSS) vulnerabilities in contact/edit.php in the WP Ultimate Email Marketer plugin 1.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4600
|
2014-07-10 03:51 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244044
|
4.3 |
MEDIUM
|
your-text-manager_project
|
your-text-manager
|
Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4604
|
2014-07-10 03:49 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244045
|
4.3 |
MEDIUM
|
zdstatistics_project
|
zdstatistics
|
Cross-site scripting (XSS) vulnerability in cal/test.php in the ZdStatistics (zdstats) plugin 2.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the la…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4605
|
2014-07-10 03:48 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244046
|
4.3 |
MEDIUM
|
zeenshare_project
|
zeenshare
|
Cross-site scripting (XSS) vulnerability in redirect_to_zeenshare.php in the ZeenShare plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the zs…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4606
|
2014-07-10 03:45 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244047
|
4.3 |
MEDIUM
|
rezgo_project
|
rezgo
|
Cross-site scripting (XSS) vulnerability in book_ajax.php in the Rezgo plugin 1.4.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the response parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4546
|
2014-07-10 03:42 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244048
|
4.3 |
MEDIUM
|
style_it_project
|
style_it
|
Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the Style It plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parame…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4555
|
2014-07-10 03:42 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244049
|
4.3 |
MEDIUM
|
html5_video_player_with_playlist_plugin_project
|
html5_video_player_with_playlist_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitra…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2014-4534
|
2014-07-10 03:39 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244050
|
6.8 |
MEDIUM
|
piwigo
|
piwigo
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Piwigo before 2.6.2 allow remote attackers to hijack the authentication of administrators for requests that use the (1) pwg.groups.addUse…
|
CWE-352
同一生成元ポリシー違反
|
CVE-2014-4614
|
2014-07-10 03:37 |
2014-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|