Archive for February, 2008

Fredrik Fahlstad Plugins Vulnerable

The H-T Team has published new exploits affecting the following plugins by Fredrik Fahlstad: fGallery 2.4.1 and WP-Cal 0.3. Both are vulnerable to remote SQL injection. It is likely that earlier versions are affected.

Within the WP-Cal plugin, the file editevent.php is vulnerable to this attack because of improper sanitisation of the id parameter. Within [...]


wp-calc & wp adserv plugin vulnerabilities

Jeffro2pt0 at WeblogToolsCollection has reported two new vulnerabilities that have recently been found in WordPress plugins:

Today, we have a moderately critical SQL Injection Vulnerability that was discovered by HouSSaMix in the “WP-Cal” plugin version 0.x for WordPress.

A person who goes by the handle “enter_the_dragon” has discovered a vulnerability within the Adserve Plugin version 0.2 [...]