MustLive (162 exploits) - page 1 - Code Exploits Collection

Title	Author	Platform	Source	Description	Date
Moxiecode Image Manager 3.1.5 Shell Upload	MustLive	na	packetstormsecurity.org	Moxiecode Image Manager (MCImageManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.	yesterday
Moxiecode File Manager 3.1.5 Shell Upload	MustLive	na	packetstormsecurity.org	Moxiecode File Manager (MCFileManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.	Friday
WordPress Video JS Cross Site Scripting	MustLive	na	packetstormsecurity.org	Various WordPress plugins that embed video-js.swf suffer from cross site scripting vulnerabilities. These include Video Embed and Thumbnail Generator, External "Video for Everybody", 1player, S3 Video and EasySqueezePage.	May 14
WordPress Search And Share 0.9.3 Cross Site Scripting	MustLive	na	packetstormsecurity.org	WordPress Search and Share plugin versions 0.9.3 and below suffer from cross site scripting and path disclosure vulnerabilities.	May 12
JW Player / JW Player Pro 5.x Cross Site Scripting	MustLive	na	packetstormsecurity.org	JW Player and JW Player Pro versions prior to 5.10.2393 suffer from a cross site scripting vulnerability.	May 6
VideoJS Cross Site Scripting	MustLive	na	packetstormsecurity.org	VideoJS suffers from a cross site scripting vulnerability.	May 6
jPlayer 2.2.22 XSS / Content Spoofing	MustLive	na	packetstormsecurity.org	jPlayer versions prior to 2.2.23 suffers from cross site scripting and content spoofing vulnerabilities.	April 21
WordPress Colormix XSS / Content Spoofing / Path Disclosure	MustLive	na	packetstormsecurity.org	WordPress Colormix theme suffers from cross site scripting, path disclosure, and content spoofing vulnerabilities.	April 21
Dotclear 2.4.4 Cross Site Scripting / Content Spoofing	MustLive	na	packetstormsecurity.org	CMS Dotclear version 2.4.4 suffers from cross site scripting and content spoofing vulnerabilities.	April 13
ZeroClipbord.swf Cross Site Scripting / Path Disclosure	MustLive	na	packetstormsecurity.org	ZeroClipboard.swf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities.	April 9
Lotus Domino 8.5.4 Cross Site Scripting	MustLive	na	packetstormsecurity.org	Lotus Domino versions 8.5.4 and below suffer from multiple cross site scripting vulnerabilities.	March 27
D-Link DAP 1150 Cross Site Request Forgery	MustLive	na	packetstormsecurity.org	This file contains multiple cross site request forgery proof of concepts for old issues associated with the D-Link DAP 1150.	March 9
Question2Answer Cross Site Request Forgery	MustLive	na	packetstormsecurity.org	This is a demonstration cross site request forgery exploit for Question2Answer that also takes advantage of an insufficient anti-automation issue.	March 8
Question2Answer 1.5.3 CSRF / Brute Force	MustLive	na	packetstormsecurity.org	Question2Answer version 1.5.2 suffers from cross site request forgery, anti-automation, and brute force vulnerabilities.	March 2
Various Applications Include ZeroClipboard XSS	MustLive	na	packetstormsecurity.org	YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery are all affected by the cross site scripting issues discovered in ZeroClipboard as they include the swf.	February 20

Older posts >>