|
291181
|
- |
|
fabricio_zuardi
|
xspf_player_plugin
|
SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3530
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291182
|
- |
|
smartypantsplugins
|
wp-funeral-press
|
Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3529
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291183
|
- |
|
vanillaforums
|
vanilla
|
Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."
|
NVD-CWE-noinfo
|
CVE-2013-3528
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291184
|
- |
|
vanillaforums
|
vanilla
|
Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or…
|
CWE-89
SQL Injection
|
CVE-2013-3527
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291185
|
- |
|
wptrafficanalyzer
|
trafficanalyzer
|
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3526
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291186
|
- |
|
bestpractical
|
request_tracker
|
SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor dispute…
|
CWE-89
SQL Injection
|
CVE-2013-3525
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291187
|
- |
|
simpilotgroup
|
pop_up_news
|
SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2013-3524
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291188
|
- |
|
gajennings
|
this
|
SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbitrary SQL commands via vectors related to op=page&id= in the URL.
|
CWE-89
SQL Injection
|
CVE-2013-3523
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291189
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the no…
|
CWE-89
SQL Injection
|
CVE-2013-3522
|
2024-11-21 10:53 |
2013-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291190
|
- |
|
wppa.opajaap
|
wp-photo-album-plus
|
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the comm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3254
|
2024-11-21 10:53 |
2013-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
