Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claudio viviani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9097
Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed prior to 2014-07-23, for WordPress allow (1) remote malicious users to execute arbitrary SQL commands via the vid parameter in a myextract actio...
Apptha Contus Video Gallery 2.5
2 EDB exploits
NA
CVE-2014-9175
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.
Wpdatatables Wpdatatables
1 EDB exploit
NA
CVE-2014-7153
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
Huge-it Image Gallery 1.0.1
1 EDB exploit
NA
CVE-2014-9098
Multiple cross-site scripting (XSS) vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly prior to 2014-07-23, for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the videoadssearchQuery parameter t...
Apptha Contus Video Gallery 2.5
1 EDB exploit
NA
CVE-2014-8586
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote malicious users to execute arbitrary SQL commands via the calid parameter.
Cp Multi View Event Calendar Project Cp Multi View Event Calendar 1.0.1
1 EDB exploit
NA
CVE-2014-8375
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
Gb-plugins Gb Gallery Slideshow 1.5
1 EDB exploit
NA
CVE-2015-2065
SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin prior to 2.8 for WordPress allows remote malicious users to execute arbitrary SQL commands via the vid parameter in a rss action to wp-admin/admin-ajax.php.
Apptha Wordpress Video Gallery
1 EDB exploit
NA
CVE-2014-5201
SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php.
Gallery Objects Project Gallery Objects 0.4
1 EDB exploit
NA
CVE-2014-4944
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php.
Bannersky Bsk Pdf Manager 1.3.2
1 EDB exploit
NA
CVE-2014-10021
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
Wpsymposiumpro Wp Symposium 14.11
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »