Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by adrotateplugin
CVE-2014-1854 (GCVE-0-2014-1854)
Vulnerability from cvelistv5 – Published: 2014-02-27 15:00 – Updated: 2024-08-06 09:58
VLAI
Summary
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.adrotateplugin.com/2014/01/adrotate-pr… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/531176/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.htbridge.com/advisory/HTB23201 | x_refsource_MISC |
| http://www.securityfocus.com/bid/65709 | vdb-entryx_refsource_BID |
| http://www.exploit-db.com/exploits/31834 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/57079 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2014-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "adrotate-track-sql-injection(91253)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adrotateplugin.com/2014/01/adrotate-pro-3-9-6-and-adrotate-free-3-9-5"
},
{
"name": "20140220 SQL Injection in AdRotate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531176/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.htbridge.com/advisory/HTB23201"
},
{
"name": "65709",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65709"
},
{
"name": "31834",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31834"
},
{
"name": "57079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "adrotate-track-sql-injection(91253)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adrotateplugin.com/2014/01/adrotate-pro-3-9-6-and-adrotate-free-3-9-5"
},
{
"name": "20140220 SQL Injection in AdRotate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531176/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.htbridge.com/advisory/HTB23201"
},
{
"name": "65709",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65709"
},
{
"name": "31834",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31834"
},
{
"name": "57079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "adrotate-track-sql-injection(91253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91253"
},
{
"name": "http://www.adrotateplugin.com/2014/01/adrotate-pro-3-9-6-and-adrotate-free-3-9-5",
"refsource": "CONFIRM",
"url": "http://www.adrotateplugin.com/2014/01/adrotate-pro-3-9-6-and-adrotate-free-3-9-5"
},
{
"name": "20140220 SQL Injection in AdRotate",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531176/100/0/threaded"
},
{
"name": "https://www.htbridge.com/advisory/HTB23201",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23201"
},
{
"name": "65709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65709"
},
{
"name": "31834",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31834"
},
{
"name": "57079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1854",
"datePublished": "2014-02-27T15:00:00.000Z",
"dateReserved": "2014-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:58:15.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4671 (GCVE-0-2011-4671)
Vulnerability from cvelistv5 – Published: 2011-12-02 18:00 – Updated: 2024-08-07 00:09
VLAI
Summary
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/50674 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/46814 | third-party-advisoryx_refsource_SECUNIA |
| http://downloads.wordpress.org/plugin/adrotate.3.… | x_refsource_CONFIRM |
| http://www.exploit-db.com/exploits/18114 | exploitx_refsource_EXPLOIT-DB |
| http://unconciousmind.blogspot.com/2011/11/wordpr… | x_refsource_MISC |
Date Public
2011-11-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50674",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50674"
},
{
"name": "46814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46814"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip"
},
{
"name": "18114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-12-13T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "50674",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50674"
},
{
"name": "46814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46814"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip"
},
{
"name": "18114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "50674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50674"
},
{
"name": "46814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46814"
},
{
"name": "http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip",
"refsource": "CONFIRM",
"url": "http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip"
},
{
"name": "18114",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18114"
},
{
"name": "http://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html",
"refsource": "MISC",
"url": "http://unconciousmind.blogspot.com/2011/11/wordpress-adrotate-plugin-366-sql.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4671",
"datePublished": "2011-12-02T18:00:00.000Z",
"dateReserved": "2011-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:09:19.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}