New vulnerabilities from the NVD: CVE-2015-9475 (pont) | | |
New vulnerabilities from the NVD: CVE-2015-9474 (simpolio) | | |
New vulnerabilities from the NVD: CVE-2015-9470 (history_collection) | | The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter. Published at: October 10, 2019 at 08:15PM View on website October 17, 2019 at 01:27AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9469 (content-grabber) | | The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. Published at: October 10, 2019 at 08:15PM View on website October 17, 2019 at 01:27AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9457 (pretty_link) | | The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter. Published at: October 10, 2019 at 07:15PM View on website October 17, 2019 at 01:27AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9479 (acf_fronted_display) | | The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. Published at: October 10, 2019 at 08:15PM View on website October 17, 2019 at 07:27PM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9482 (car_dealer_/_auto_dealer_responsive) | | The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. Published at: October 11, 2019 at 09:15PM View on website October 17, 2019 at 11:18PM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2010-5334 (webclient) | | IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files. Published at: October 11, 2019 at 02:15PM View on website October 17, 2019 at 11:18PM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9481 (diplomat_|_political) | | The ThemeMakers Diplomat | Political theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. Published at: October 11, 2019 at 09:15PM View on website October 18, 2019 at 01:18AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9484 (accio_one_page_parallax_responsive_theme) | | The ThemeMakers Accio One Page Parallax Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. Published at: October 11, 2019 at 09:15PM View on website October 18, 2019 at 09:18AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9483 (invento_responsive_gallery/architecture_template) | | The ThemeMakers Invento Responsive Gallery/Architecture Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. Published at: October 11, 2019 at 09:15PM View on website October 18, 2019 at 09:18AM via National Vulnerability Database |
Няма коментари:
Публикуване на коментар