redteam.net
  • services
  • redteam labs
  • contact
  • about
  • advisories

wordpress insecurity

May 9, 2012 in wordpress by @rch1t3ct
wordpress 0 Comments

WordPress Stuff

(Continue reading…)
  • We have written about...

wordpress
    • services
    • redteam labs
    • contact
    • about
    • advisories
  • Recent Posts
    • wordpress insecurity
  • Archives
    • May 2012
  • Categories
    • wordpress
  • RSS Packet Storm Security Feed
    • Zero Day Initiative Advisory 12-100 2012/06/22
      Zero Day Initiative Advisory 12-100 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PMParamHandler component of Performance Manager, which is served via an Apache Tomcat insta […]
    • Zero Day Initiative Advisory 12-099 2012/06/22
      Zero Day Initiative Advisory 12-099 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in this packet, the application […]
    • Rare AutoCAD Worm Lifted Blueprints From Peru, Sent Them To China 2012/06/22
      […]
    • Zero Day Initiative Advisory 12-098 2012/06/22
      Zero Day Initiative Advisory 12-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of America Online's Toolbar, Desktop, IM, and winamp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th […]
    • Zero Day Initiative Advisory 12-097 2012/06/22
      Zero Day Initiative Advisory 12-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector Express. Authentication is not required to exploit this vulnerability. User interaction is not required to exploit this vulnerability. The specific flaw exists within the dpwinsdr.exe process which listen […]
    • Lattice Diamond Programmer Buffer Overflow 2012/06/22
      Core Security Technologies Advisory - Lattice Diamond Programmer is vulnerable to client-side attacks, which can be exploited by remote attackers to run arbitrary code by sending specially crafted '.xcf' files. […]
    • Cotonti 0.6.23 SQL Injection 2012/06/22
      Cotonti version 0.6.23 suffers from a remote SQL injection vulnerability. […]
    • MyBB 1.6.8 SQL Injection 2012/06/22
      MyBB version 1.6.8 suffers from a remote SQL injection vulnerability in announcements.php. […]
    • Zero Day Initiative Advisory 12-096 2012/06/22
      Zero Day Initiative Advisory 12-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector Express. Authentication is not required to exploit this vulnerability. User interaction is not required to exploit this vulnerability. The specific flaw exists within the dpwinsdr.exe process which listen […]
    • Zero Day Initiative Advisory 12-095 2012/06/22
      Zero Day Initiative Advisory 12-095 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXM […]
Red Team LTD.