Posts Tagged ‘XSS attack’

New Cross-site scripting Vulnerabilities in WordPress Plugins – October 10, 2014

Posted: October 10, 2014 in Vulnerabilities
Tags: , ,
0

Wordpress VulnerabilitiesThe latest Cross-site scripting vulnerabilities in WordPress plugins

Five Cross-site scripting vulnerabilities in WordPress plugins: Profile Builder, Photo Gallery, EWWW Image Optimizer, Contact Form DB, and Google Calendar Events.

1. Cross-site scripting in WordPress Profile Builder Plugin

Danger: Low
Availability Corrections: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV: N / AC: L / Au: N / C: N / I: P / A: N / E: U / RL: O / RC: C) = Base: 5 / Temporal: 3.7 (more…)

Notification: New Vulnerability in WordPress – September 24, 2014

Posted: September 24, 2014 in Vulnerability News
Tags: , , , , ,
0
Wordpress Vulnerability

WordPress vulnerabilities

1. Security Bypass WordPress WP-Ban

Danger level: Low
Availability Corrections: Yes
Number of vulnerabilities: 1

CVSSv2 Rating: (AV: N / AC: L / Au: N / C: N / I: N / A: P / E: U / RL: O / RC: C) = Base: 5 / Temporal: 3.7
CVE ID: CVE-2014-6230

Vector operation: Remote
Impact: Security Bypass (more…)

Notification: New Vulnerabilities in Drupal – September 13, 2014

Posted: September 13, 2014 in Vulnerability News
Tags: , , , ,
1
Drupal logo

Drupal vulnerabilities

Cyber Security Notification: New Vulnerabilities of September 2014

Security vulnerabilities related to Drupal – content management system: Descriptions of vulnerabilities related to products of this vendor of September 13, 2014.

1. Vulnerability: Cross-site scripting in Drupal Custom BreadCrumbs

Danger level: Low
Availability Corrections: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV: N / AC: L / Au: N / C: N / I: P / A: N / E: U / RL: O / RC: C) = Base: 5 / Temporal: 3.7 (more…)

WordPress Audio Player – Cross-site scripting

Posted: February 11, 2013 in Vulnerabilities
Tags: , , ,
0
XSS in WordPress Audio Player

XSS in WordPress Audio Player

Vulnerability: Cross-site scripting in WordPress Audio Player

Danger level: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2013-1464
Vector of operation: Remote
Impact: Cross Site Scripting

Affected products: WordPress Audio Player Plugin 2.x

Affected versions: WordPress Audio Player 2.0.4.5, possibly earlier. (more…)

Cross-site scripting in WordPress Video Lead Form

Posted: December 4, 2012 in Vulnerabilities
Tags: , , ,
0
Wordpress Vulnerability

XSS in WordPress

Vulnerability: Cross-site scripting in WordPress Video Lead Form

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

Vector of operation: Remote
Impact: Cross Site Scripting

Affected products: WordPress Video Lead Form Plugin 0.x

Affected versions: WordPress Video Lead Form 0.5, maybe earlier.

Description:

The vulnerability allows malicious people to conduct XSS attacks. (more…)

Multiple vulnerabilities in Sophos antivirus

Posted: November 9, 2012 in Vulnerabilities
Tags: , , , ,
0
Sophos antivirus

Vulnerabilities in Sophos Antivirus

Vulnerability: Multiple vulnerabilities in Sophos antivirus

Danger: High
Patch: Yes
Number of vulnerabilities: 6
Vector operation: Remote

Impact: Cross Site Scripting,  Elevation of Privilege,  System compromise.

Affected products:  Sophos Anti-Virus 10.x,  Sophos Anti-Virus 9.x,  Sophos Anti-Virus for Mac OS X 8.x,  Sophos Anti-Virus for Unix 4.x.

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system. (more…)

Mozilla fixed a vulnerability in Firefox

Posted: October 29, 2012 in IT Security News
Tags: , , , ,
0
Firefox logo

Vulnerability in Firefox

In the browser, eliminated two XSS vulnerability attacks and one vulnerability disclosure of sensitive data.

Mozilla Foundation has released a security update Firefox 16.0.2, which eliminated three vulnerabilities.

The second in the last two weeks fix in Firefox resolves two vulnerabilities that can make XSS attack, and one vulnerability disclosure of sensitive data, which allows you to bypass security restrictions and implement a cross-domain object reading Location. (more…)

Cross-site scripting in Opera

Posted: October 8, 2012 in Vulnerabilities
Tags: , , , ,
0

Opera AlertVulnerability: Cross-site scripting in Opera

Danger: Middle
If the Patch: None
Number of vulnerabilities: 1
Impact: Cross Site Scripting
Affected products: Opera 12.x

Affected versions: Opera 12.02 for Windows, Mac OS and Linux, possibly earlier

Description:

The vulnerability allows malicious people to conduct XSS attacks. (more…)

WordPress Purity Theme – Cross-site scripting

Posted: September 20, 2012 in Vulnerabilities
Tags: , , , ,
0

Wordpress VulnerabilityVulnerability: Cross-site scripting in the WordPress Purity Theme

Danger: Low
If the Patch: None
Number of vulnerabilities: 1
Impact: Cross Site Scripting
Affected products: WordPress Purity Theme

Affected versions: WordPress Purity TOPIC LINKS (more…)

WordPress Download Monitor – Cross-site scripting

Posted: September 13, 2012 in Vulnerabilities
Tags: , ,
0

Wordpress VulnerabilityVulnerability: Cross-site scripting WordPress Download Monitor

CVE ID: CVE-2012-4768
Impact: Cross Site Scripting

Affected products: WordPress Download Monitor Plugin 3.x

Affected versions: WordPress Download Monitor 3.3.5.7, possibly earlier.

Description:

The vulnerability allows malicious people to conduct XSS attacks. (more…)

Older Entries