CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1785 – Videopack (formerly Video Embed & Thumbnail Generator) < 2.0 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-1785
20 Feb 2012 — kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors. kg_callffmpeg.php en el complemento de Wordpress "Video Embed & Thumbnail Generator" antes de v2.0 permite a atacantes remotos ejecutar comandos de su elección a través de vectores no especificados. The Videopack (formerly Video Embed & Thumbnail Generator) plugin for WordPress is vulnerable to remote code execution in versions up to 2.0 du... • http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1786 – Videopack (formerly Video Embed & Thumbnail Generator) <= 1.1 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2012-1786
20 Feb 2012 — The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors. El formulario de subida de contenido multimedia del complemento Video Embed & Thumbnail Generator anteriores a la versión 2.0 para WordPress permite a atacantes remotos obtener la ruta de instalación a través de vectores sin especificar. • http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •