Search Results | AttackerKB

Show filters

Topics 252 Users 9,811

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

252 Total Results

Displaying 51-60 of 252

Attacker Value

Unknown

CVE-2020-25474

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2020-25475

Disclosure Date: November 24, 2020 (last updated February 22, 2025)

SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-5616

Disclosure Date: August 04, 2020 (last updated February 21, 2025)

[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2011-2706

Disclosure Date: January 14, 2020 (last updated February 21, 2025)

A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2015-9504

Disclosure Date: October 23, 2019 (last updated November 27, 2024)

The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2015-9500

Disclosure Date: October 22, 2019 (last updated November 27, 2024)

The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2015-9334

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The email-newsletter plugin through 20.15 for WordPress has SQL injection.

0

Attacker Value

Unknown

CVE-2017-18575

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.

0

Attacker Value

Unknown

CVE-2017-18522

Disclosure Date: August 20, 2019 (last updated November 27, 2024)

The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the address book.

0

Attacker Value

Unknown

CVE-2017-18523

Disclosure Date: August 20, 2019 (last updated November 27, 2024)

The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the address book.

0