WordPress Squirrel Theme version 1.6.4 suffers from a remote file inclusion vulnerability.
86c56b7e4874d7528b43160cb98e7dd014fc64e5f89c14c40edacd196b5285d4WordPress Oberliga Theme suffers from a remote SQL injection vulnerability.
2d70289de97e352a135d3a3978019801c6eaea9b5dec5fae3815e1895fa50be9WordPress Malmonation theme suffers from a remote SQL injection vulnerability. Note that this theme is specific to this site.
5e7908209d87b1e1f212f6ab59e22fe30ff71c8f26dcbfee81ee4769a88aa0a7WordPress Magazine Basic third party plugin theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
a0f0a2bb4d25112d7a6582eb26bee1291efed1a5f1e1f840369aeeedd948fe27WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.
53efbb3fb22fea393b7b557a40986a887585d9f65fc7b902c2bd190cec17cc9bWordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
e3b6e86eb2c0347606edadc71a935b17a5439f47d2053f6412d3576c51d782ffWordPress ArribaLaEsteban theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
46b56b583d13fbd785a4b7cafc11564f5d8cb0aa6772383501590c78c12e0df9The WordPress Kakao theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
3dc2268c974652d6a7dc818180fe747ab9e25822e57cf9844178f7d63c47f4b5WordPress Themesbook suffers from a cross site scripting vulnerability. Note that these findings house site-specific data.
a7dcad7b98ba078521025645176f9d8e558f872854ce2d53553e6196e64b72a0Archin WordPress theme version 3.2 suffers from an unauthenticated configuration access vulnerability.
d3acec9570e446b9ac94a5014d65862eb7047d8ce33e4dd77bd95bcbc5219200Secunia Security Advisory - DigiP has reported a vulnerability in the Archin theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
824e61a84786425669df94df44c16ee4226726627aa92e53c58dbfdbb9475464The Archin WordPress theme suffers from cross site scripting and various handling vulnerabilities.
79feda0b7bd00e685a77a7bcc11ae8076e0fd00fde04b69a0ff51a66722cf77eGentoo Linux Security Advisory 201209-9 - A vulnerability has been found in Atheme which may lead to Denial of Service or a bypass of security restrictions. Versions less than 6.0.10 are affected.
d094346e88952898b40a9e5b3d85bc12e1ea79a3936694eb8cf26a2d4330cf5eSecunia Security Advisory - Gentoo has issued an update for atheme. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions or cause a DoS (Denial of Service).
ffa2e12c180988abba5b201227c9428652ffd9f22edee0206974f6042dabd2d1Secunia Security Advisory - Multiple vulnerabilities have been reported in the Purity theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
4d3bbfddcad7d6b2450da059a2f13850282bca512cfd4cc46c8f8083b5de382fSecunia Security Advisory - A vulnerability has been reported in the Inf08 theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
d19578f9624a9d3ab2e8250b8c217c7d67f9a2def1875b45608a73c45de92057ShopperPress WordPress theme version 2.7 suffers from cross site scripting vulnerabilities.
491c4ea2642b413280ac3851a6e53813f20e256059abdc11931d3d115eea5543The ShopperPress WordPress theme version 2.7 suffers from a remote SQL injection vulnerability.
ed35edb8650c19623a01a17b915ca31339739c6d58d3e1a859b296896830b99dSecunia Security Advisory - A vulnerability has been reported in the Elegant theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
d2854560cddfa61cfe86ceecb80c48718450d1c7f41c5dd9b2a5bee6ad23de4bDrupal Elegant Theme third party module version 7.x suffers from a cross site scripting vulnerability.
5cd009a2b5bb39d8473e502fc09119a2302b0d2363ca9167442d0a9f58ad5ea2Multiple Site5 WordPress themes suffer from an email spoofing vulnerability.
3ae588eeb35bf8ce5278a0e55fc825b27cefdef0759ac73636c048ab0ff52b56This Metasploit module exploits a php unserialize() vulnerability in SugarCRM versions 6.3.1 and below which could be abused to allow authenticated SugarCRM users to execute arbitrary code with the permissions of the webserver. The dangerous unserialize() exists in the 'include/MVC/View/views/view.list.php' script, which is called with user controlled data from the 'current_query_by_page' parameter. The exploit abuses the __destruct() method from the SugarTheme class to write arbitrary PHP code to a 'pathCache.php' on the web root.
1e73a4a4f9bf312d43feeea95213bce49f5dcf97660320b96cca53b8c0f4ba3dWordPress Famous theme version 2.0.5 suffers from a remote shell upload vulnerability.
5cd23143dda2991fa8b54bad24336fde593bf11003add82671ad05be651816d2WordPress Deep-Blue theme version 1.9.2 suffers from a remote shell upload vulnerability.
655fa08681c7b44b6899577f403fd689e810e5138a16b53311a249704bc54503Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Famous and Deep Blue themes for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
cb79aa34a90dc5586ed95bc441ca7e9dcd4083f9bf4f271624057cb2530bfd6bSecunia Security Advisory - A vulnerability has been discovered in the Theme My Login plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
bd7791c5e26a1a58fa8454cf5a09fc73ed249beba8d67b339c94bc4daa36e62f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed