CVE-2008-7175 – NextGEN Gallery Plugin <= 1.9.0 - Authenticated (Admin+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-7175
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the description field for galleries in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
• http://osvdb.org/51428
• http://www.securityfocus.com/archive/1/493182/100/0/threaded
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2008-2510 – WordPress Plugin Upload File - 'wp-uploadfile.php' SQL Injection
https://notcve.org/view.php?id=CVE-2008-2510
SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter.
• https://www.exploit-db.com/exploits/31836
• http://www.securityfocus.com/archive/1/492555/100/0/threaded
• http://www.securityfocus.com/bid/29352
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42659
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2008-2034 – Download Monitor <= 2.0.6 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2008-2034
SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
• http://secunia.com/advisories/29876
• http://www.securityfocus.com/bid/28975
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42094
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2008-1930 – WordPress Core < 2.5.1 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-1930
The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string containing USERNAME and EXPIRY_TIME, which allows remote attackers to forge cookies by registering a username that results in the same concatenated string, as demonstrated by registering usernames beginning with "admin" to obtain administrator privileges, aka a "cryptographic splicing" issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-6013.
• http://secunia.com/advisories/29965
• http://wordpress.org/development/2008/04/wordpress-251
• http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-integrity.txt
• http://www.securityfocus.com/archive/1/491356/100/0/threaded
• http://www.securityfocus.com/bid/28935
• http://www.securitytracker.com/id?1019923
• http://www.vupen.com/english/advisories/2008/1372/references
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42027
• CWE-287: Improper Authentication
• CWE-288: Authentication Bypass Using an Alternate Path or Channel

CVE-2008-2068 – WordPress Core <= 2.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-2068
Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
• http://secunia.com/advisories/29965
• http://wordpress.org/development/2008/04/wordpress-251
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42029
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')