VideoJS Cross-Site Scripting Vulnerability

VideoJS Cross-Site Scripting Vulnerability 53427 http://seclists.org/fulldisclosure/2013/May/77 XSS VideoJS Cross-Site Scripting Vulnerability 53457 http://seclists.org/fulldisclosure/2013/May/77 XSS VideoJS Cross-Site Scripting Vulnerability 53548 http://seclists.org/fulldisclosure/2013/May/77 XSS VideoJS Cross-Site Scripting Vulnerability 53460 http://seclists.org/fulldisclosure/2013/May/77 XSS VideoJS Cross-Site Scripting Vulnerability 53494 http://seclists.org/fulldisclosure/2013/May/77 XSS VideoJS Cross-Site Scripting Vulnerability http://seclists.org/fulldisclosure/2013/May/77 XSS onepagewebsite Full Path Disclosure vulnerability http://1337day.com/exploit/20027 FPD vithy - Full Path Disclosure vulnerability http://1337day.com/exploit/20040 FPD vithy - Arbitrary File Upload Vulnerability http://1337day.com/exploit/19830 UPLOAD appius - Full Path Disclosure vulnerability http://1337day.com/exploit/20039 FPD appius - Arbitrary File Upload Vulnerability http://1337day.com/exploit/19831 UPLOAD yvora - Full Path Disclosure vulnerability http://1337day.com/exploit/20038 FPD yvora - Arbitrary File Upload Vulnerability http://1337day.com/exploit/19834 UPLOAD Shotzz - Full Path Disclosure vulnerability http://1337day.com/exploit/20041 FPD Shotzz - Arbitrary File Upload Vulnerability http://1337day.com/exploit/19829 UPLOAD dagda - Arbitrary File Upload Vulnerability http://1337day.com/exploit/19832 UPLOAD moneymasters - Full Path Disclosure vulnerability http://1337day.com/exploit/20077 FPD moneymasters - File Upload Vulnerability (metasploit) http://1337day.com/exploit/20076 UPLOAD XSS vulnerability in Imediapixel premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html XSS XSS vulnerability in Imediapixel premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html XSS XSS vulnerability in Imediapixel premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html XSS XSS vulnerability in Imediapixel premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html XSS XSS vulnerability in Parallelus premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html XSS XSS vulnerability in Parallelus premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html XSS XSS vulnerability in Parallelus premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html XSS XSS vulnerability in Parallelus premium WordPress themes http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html XSS Shapeless - Unspecified XSS 85919 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Brisk - Unspecified XSS 85918 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Blaze - Unspecified XSS 85917 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Eunice - Unspecified XSS 85916 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Explicit - Unspecified XSS 85915 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Essence - Unspecified XSS 85914 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Paramount - Unspecified XSS 85913 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS PictureFactory - Unspecified XSS 85912 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Sparky - Unspecified XSS 85911 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS TheAgency - Unspecified XSS 85910 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Konzept - Unspecified XSS 85920 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Daisho - Unspecified XSS 85921 http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html XSS Choices - Unspecified XSS 86755 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Brightbox - Unspecified XSS 86756 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Broadscope - Unspecified XSS 86757 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Corona - Unspecified XSS 86758 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Flashlight - Unspecified XSS 86759 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Coalition - Unspecified XSS 86760 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Shoutbox - Unspecified XSS 86761 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Velvet - Unspecified XSS 86762 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Upscale - Unspecified XSS 86763 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Expose - Unspecified XSS 86764 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Abundance - Unspecified XSS 86765 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Eunoia - Unspecified XSS 86766 http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-wp-themes-by-kriesi.html XSS Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Site5 Wordpress Themes Email Spoofing http://packetstormsecurity.org/files/114750/ UNKNOWN Famous 2.0.5 - Shell Upload http://packetstormsecurity.org/files/113842/ UPLOAD Deep-Blue 1.9.2 - Arbitrary File Upload Vulnerability http://packetstormsecurity.org/files/113843/ UPLOAD Classipress <= 3.1.4 - Stored XSS 18053 http://cxsecurity.com/issue/WLB-2011110001 XSS WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE DailyDeal - File Upload Remote Code Execution 98924 http://packetstormsecurity.com/files/123748/ http://templatic.com/app-themes/daily-deal-premium-wordpress-app-theme RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE Flash News - thumb.php src Parameter XSS 89887 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 XSS Flash News - Multiple Script Path Disclosure 89888 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 FPD Flash News - includes/test.php a Parameter XSS 89889 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 XSS Flash News - includes/test.php Direct Request Information Disclosure 89890 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 UNKNOWN Flash News - thumb.php src Parameter File Upload Arbitrary Code Execution 89891 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 UNKNOWN Flash News - thumb.php src Parameter Remote DoS 89892 http://packetstormsecurity.com/files/120037/ http://seclists.org/fulldisclosure/2013/Feb/8 http://cxsecurity.com/issue/WLB-2013020010 UNKNOWN WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE WooThemes WooFramework Remote Unauthenticated Shortcode Execution https://gist.github.com/2523147 RCE dt-chocolate - jPlayer XSS 56379 http://packetstormsecurity.com/files/124756/ XSS dt-chocolate - Image Open redirect http://cxsecurity.com/issue/WLB-2013020011 UNKNOWN Multiple vulnerabilities in Chocolate WP theme for WordPress http://seclists.org/fulldisclosure/2013/Jan/215 MULTI sandbox - Arbitrary File Upload/FD Vulnerability http://1337day.com/exploit/20228 MULTI Clockstone 1.2 - upload.php Arbitrary File Upload Vulnerability 88622 51619 http://www.exploit-db.com/exploits/23494 http://www.securityfocus.com/bid/56988 http://xforce.iss.net/xforce/xfdb/80725 UPLOAD Archin - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities 50711 MULTI Purity - Multiple Cross-Site Scripting Vulnerabilities 50627 XSS Pinboard 1.0.6 - includes/theme-options.php tab Parameter XSS 90070 2013-0286 52079 http://seclists.org/oss-sec/2013/q1/274 http://cxsecurity.com/issue/WLB-2013020062 XSS Pinboard - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124151/ UPLOAD montezuma <= 1.1.3 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 XSS scarlet <= 1.1.3 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 XSS allure-real-estate-theme-for-placester <= 0.1.1 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 XSS allure-real-estate-theme-for-real-estate <= 0.1.1 - XSS in ZeroClipboard.swf http://1337day.com/exploit/20396 XSS felici - XSS Vulnerability http://1337day.com/exploit/20560 XSS Classic 1.5 - PHP_SELF XSS http://osvdb.org/38450 2007-4483 XSS brilliant - File Upload Vulnerability http://ruinedsec.wordpress.com/2013/04/03/wordpress-themes-exploits-are-in-action-wpscan/ UPLOAD Colormix - Multiple vulnerabilities http://packetstormsecurity.com/files/121372/ http://seclists.org/fulldisclosure/2013/Apr/172 MULTI XSS in jobroller theme http://cxsecurity.com/issue/WLB-2013060089 XSS Xss In wordpress ambience theme http://packetstorm.igor.onlinedirect.bg/1306-exploits/wpambience-xss.txt XSS Slash WP - FPD, XSS and CS vulnerabilities http://packetstormsecurity.com/files/123748/ http://seclists.org/fulldisclosure/2013/Jun/166 MULTI Persuasion - PrettyPhoto DOM XSS http://www.rafayhackingarticles.net/2013/05/kali-linux-dom-based-xss-writeup.html XSS Persuasion <= 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://packetstormsecurity.com/files/124547/ http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Persuasion <= 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://packetstormsecurity.com/files/124547/ http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 MORE+ - PrettyPhoto XSS Vulnerability 54924 http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html XSS silverOrchid <= 1.5.0 - XSS Vulnerability 96723 54662 http://packetstormsecurity.com/files/122986/ XSS Caulk - path disclosure vulnerability 90889 http://packetstormsecurity.com/files/120632/ http://themeforest.net/item/caulk/76108 FPD WPLocalPlaces - File Upload Remote Code Execution 98806 http://packetstormsecurity.com/files/123697/ RCE Photocrati 4.7.3 - photocrati-gallery/ecomm-sizes.php prod_id Parameter Reflected XSS 102717 56690 http://packetstormsecurity.com/files/124986/ XSS Photocrati - Multiple Script Direct Request Path Disclosure 92836 http://seclists.org/fulldisclosure/2013/Apr/238 FPD Music - Multiple Script Direct Request Path Disclosure 92837 http://seclists.org/fulldisclosure/2013/Apr/238 FPD Imperial Fairytale - Multiple Script Direct Request Path Disclosure 92838 http://seclists.org/fulldisclosure/2013/Apr/238 FPD Imperial Fairytale - jPlayer Cross-Site Scripting Vulnerability 53210 http://seclists.org/oss-sec/2013/q2/177 XSS Feather12 - Multiple Script Direct Request Path Disclosure 92839 http://seclists.org/fulldisclosure/2013/Apr/238 FPD Studio Zen - Multiple Script Direct Request Path Disclosure 92840 http://seclists.org/fulldisclosure/2013/Apr/238 FPD Studio Zen - jPlayer Cross-Site Scripting Vulnerability 53212 http://seclists.org/oss-sec/2013/q2/177 XSS AREA53 <= 1.0.5 - File Upload Code Execution 98927 29068 http://www.securityfocus.com/bid/63306 http://1337day.com/exploit/21442 RCE Sahifa 2.4.0 - Multiple Script Path Disclosure Direct Request Path Disclosure 88926 http://packetstormsecurity.com/files/119191/ http://www.securityfocus.com/bid/57109 FPD Sahifa 2.4.0 - Site Setting Reset CSRF 88927 http://packetstormsecurity.com/files/119191/ http://www.securityfocus.com/bid/57109 CSRF SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting Vulnerability http://www.securityfocus.com/bid/46615 XSS GeoPlaces - File Upload Handling Remote Command Execution 98975 http://packetstormsecurity.com/files/123773/ RCE Curvo - wp-content/themes/curvo/functions/upload-handler.php File Upload CSRF 99043 29211 http://packetstormsecurity.com/files/123799/ http://packetstormsecurity.com/files/123820/ CSRF Money - wp-content/themes/MoneyTheme/uploads/upload.php File Upload Remote Code Execution 99187 http://packetstormsecurity.com/files/123819/ RCE Saico - Arbitrary File Upload Vulnerability 29150 http://1337day.com/exploit/21440 UPLOAD ThisWay - remote shell upload vulnerability 55587 http://packetstormsecurity.com/files/123895/ RCE Think Responsive 1.0 - Arbitrary shell upload vulnerability 29332 http://packetstormsecurity.com/files/123880/ RCE Anthology - Remote File Upload Vulnerability http://1337day.com/exploit/21460 UPLOAD Amoveo - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21451 UPLOAD Switchblade 1.3 - Arbitrary File Upload Vulnerability 88918 29330 http://1337day.com/exploit/21457 UPLOAD Magnitudo - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21457 UPLOAD Ghost - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21416 UPLOAD Right Now - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21420 UPLOAD Cold Fusion - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21431 UPLOAD Chameleon - Arbitrary File Upload Vulnerability http://1337day.com/exploit/21449 UPLOAD Kernel Theme - functions/upload-handler.php File Upload Remote Code Execution 99553 29482 http://packetstormsecurity.com/files/123954/ RCE Rockstar - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21510 UPLOAD Reganto - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21511 UPLOAD Ray of Light - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21512 UPLOAD Radial - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21513 UPLOAD Oxygen - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21514 UPLOAD Bulteno - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21515 UPLOAD Bordeaux - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/123999/ http://packetstormsecurity.com/files/124232/ http://1337day.com/exploit/21516 UPLOAD Agritourismo - Remote File Upload Vulnerability 29946 http://packetstormsecurity.com/files/124232/ UPLOAD Highlight Powerful Premium - upload-handler.php File Upload CSRF 99703 29525 http://packetstormsecurity.com/files/123974/ CSRF Euclid - CSRF Vulnerability 29667 http://packetstormsecurity.com/files/124043/ http://1337day.com/exploit/21538 CSRF Dimension - CSRF Vulnerability 29668 http://packetstormsecurity.com/files/124042/ http://1337day.com/exploit/21537 CSRF Amplus - CSRF Vulnerability 29669 http://packetstormsecurity.com/files/124041/ http://1337day.com/exploit/21535 CSRF Make A Statement - CSRF Vulnerability 29670 http://packetstormsecurity.com/files/124044/ http://1337day.com/exploit/21536 CSRF iThemes2 - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124097/ UPLOAD Suco - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124094/ UPLOAD Elemin - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124149/ UPLOAD Folo - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124150/ UPLOAD Folo - Cross Site Scripting http://packetstormsecurity.com/files/124230/ XSS Bloggie - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124152/ UPLOAD Blogfolio - themify-ajax.php File Upload Arbitrary Code Execution 100271 http://packetstormsecurity.com/files/124156/ UPLOAD OptimizePress - File Upload Vulnerability 100509 2013-7102 56379 http://packetstormsecurity.com/files/124246/ http://www.osirt.com/2013/11/wordpress-optimizepress-hack-file-upload-vulnerability/ exploit/unix/webapp/php_wordpress_optimizepress UPLOAD Blooog 1.1 - jplayer.swf Cross Site Scripting http://packetstormsecurity.com/files/124240/ http://xforce.iss.net/xforce/xfdb/89356 2013-7129 92254 XSS Toolbox 1.4 - flyer.php mls Parameter SQL Injection 88293 http://www.securityfocus.com/bid/56745 SQLI Oberliga - team.php team Parameter SQL Injection 88454 http://packetstormsecurity.org/files/118368/ http://xforce.iss.net/xforce/xfdb/80273 SQLI CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection 88291 http://www.securityfocus.com/bid/56694 SQLI Malmonation - debate.php id Parameter SQL Injection 87866 http://packetstormsecurity.org/files/118340/ http://xforce.iss.net/xforce/xfdb/80252 SQLI LightSpeed - Valums Uploader Shell Upload Exploit http://packetstormsecurity.com/files/119241/ UPLOAD Eptonic - Valums Uploader Shell Upload Exploit http://packetstormsecurity.com/files/119241/ UPLOAD Nuance - Valums Uploader Shell Upload Exploit http://packetstormsecurity.com/files/119241/ UPLOAD DejaVu 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 DejaVu 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Elegance 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Elegance 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Echelon 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Echelon 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Modular 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Modular 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Fusion 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.2 Fusion 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.2 Method 2.1 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Method 2.1 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.2 Myriad 2.0 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Myriad 2.0 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.1 Construct 1.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Construct 1.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 1.5 Awake 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 Awake 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 3.4 InFocus 3.3 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion 101330 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 2.5 InFocus 3.3 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download 101331 30443 http://www.securityfocus.com/bid/64501 UNKNOWN 3.4 Elegant Grunge 1.0.3 - s Parameter XSS 75942 2011-3856 http://www.securityfocus.com/bid/49869 XSS 1.0.4 Simple Balance <= 2.2.1 - index.php s Parameter XSS 76722 46671 http://packetstormsecurity.com/files/106341/ XSS Codilight Premium 1.0.0 - admin/front-end/options.php reset Parameter XSS 100791 XSS Love It - XSS / Content Spoofing / Path Disclosure http://packetstormsecurity.com/files/122386/ MULTI