WordPress WP - Bulk SMS - by SMS.to plugin <= 1.0.12 - Reflected Cross-Site Scripting vulnerability

WordPress WP - Bulk SMS - by SMS.to plugin = 1.0.12 - Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin WP – Bulk SMS versions = 1.0.12...

EUVD-2018-9141

Malware in sbrugna...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

CVE-2024-11434

The WP – Bulk SMS – by SMS.to plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-11434

CVE-2024-11434 concerns the WP – Bulk SMS – by SMS.to WordPress plugin. It describes a Reflected Cross‑Site Scripting vulnerability via the 'page' parameter in all versions up to and including 1.0.12, caused by insufficient input sanitization and output escaping. The vulnerability allows unauthen...

CVE-2024-11434 WP – Bulk SMS – by SMS.to <= 1.0.12 - Reflected Cross-Site Scripting

The WP – Bulk SMS – by SMS.to plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2025-1655 · WordPress · Wp – Bulk Sms – By Sms.To

Name of the Vulnerable Software and Affected Versions: WP – Bulk SMS – by SMS.to plugin for WordPress versions up to, and including, 1.0.12 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This...

WordPress plugin WP – Bulk SMS – by SMS.to 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. "Attackers can use Xeon to send messages through multiple software-as-a-service SaaS providers using valid credentials for the service...

Combatting SMS and phone fraud: UK government issues guidance

The UK’s National Cyber Secuity Centre NCSC has published a guide to help make your organizations SMS and telephone messages effective and trustworthy. SMS and telephone calls represent an extremely effective means of mass communication. As such they are essential tools for most organizations,...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

Cross site request forgery (csrf)

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

Sendroid < 6.5.0 - SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: Sendroid - Bulk SMS Portal, Marketing Script 5.0.0 - 6.5.0 - SQL Injection Google Dork: "welcome to SMS portal" Date: 22/12/2017 Exploit Author: Onwuka Gideon Contact: http://twitter.com/@gideononwuka Vendor Homepage:...

Sendroid Bulk SMS Portal / Marketing Script 6.5.0 SQL Injection

Exploit Title: Sendroid - Bulk SMS Portal, Marketing Script 5.0.0 - 6.5.0 - SQL Injection Google Dork: "welcome to SMS portal" Date: 22/12/2017 Exploit Author: Onwuka Gideon Contact: http://twitter.com/@gideononwuka Vendor Homepage: http://ynetinteractive.com/ Software Buy:...

Sendroid &lt; 6.5.0 - SQL Injection

Exploit Title: Sendroid - Bulk SMS Portal, Marketing Script 5.0.0 - 6.5.0 - SQL Injection Google Dork: "welcome to SMS portal" Date: 22/12/2017 Exploit Author: Onwuka Gideon Contact: http://twitter.com/@gideononwuka Vendor Homepage: http://ynetinteractive.com/ Software Buy:...

Booking a Taxi for Faketoken

The Trojan-Banker.AndroidOS.Faketoken malware has been known about for already more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. The authors of its newer modifications continue to upgrade the malware,...

Sendroid 5.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Sendroid - Bulk SMS Portal, Marketing v5.2 Script - SQL Injection Google Dork: N/A Date: 09.02.2017 Vendor Homepage: http://ynetinteractive.com/ Software Buy:...

Fome SMS Portal 2.0 SQL Injection

Exploit Title: Fome SMS Portal Advanced - Bulk SMS Reseller v2.0 Script - SQL Injection Google Dork: N/A Date: 09.02.2017 Vendor Homepage: http://ynetinteractive.com/ Software Buy: https://codecanyon.net/item/fome-sms-portal-advanced-bulk-sms-reseller-script/14241587 Demo:...