405 matches found
WordPress Plugin Online Hotel Booking System Pro 1.0 - SQL Injection
Exploit Title: Online Hotel Booking System Pro v1.0 WordPress Plugin - SQL Injection Google Dork: N/A Date: 27.01.2017 Vendor Homepage: http://www.bestsoftinc.com/ Software Buy: https://codecanyon.net/item/online-hotel-booking-system-pro-wordpress-plugin/9338914 Demo:...
WordPress Online Hotel Booking System Pro 1.0 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Hotel Booking System Pro v1.0 WordPress Plugin - SQL Injection Google Dork: N/A Date: 27.01.2017 Vendor Homepage: http://www.bestsoftinc.com/ Software Buy:...
CodeCanyon iBilling 2.4 Cross Site Scripting
| Title : ibilling v2.4 Xss Vulnerability | Author : indoushka | email : https://www.facebook.com/Indoushka.official/ | Tested on : windows 8.1 Français V.Pro | Version : v2.4 | Vendor :...
RSS News AutoPilot Script 1.0.1/3.0.3 - Cross-Site Request Forgery
Exploit Title: RSS News AutoPilot Script 1.0.1 / 3.0.3 - CSRF to Persistent XSS and RCE Through Unrestricted File Upload Date: 30 August 2016 Exploit Author: Arbin Godar Website : ArbinGodar.com Software Link: https://codecanyon.net/item/rss-news-autopilot-script/11812898 Version: 1.0.1 to 3.0.3...
WordPress CodeCanyon Real3D FlipBook 2.18.8 File Deletion / Upload / XSS
1 Unauthenticated file/directory deletion Vulnerability exists in a file 'includes/process.php' where the user input eventually goes to PHP unlink or rmdir functions. We can give any file path or directory here. We can even delete the whole wordpress site. In my POC exploit, I'm just deleting the...
WordPress Real3D FlipBook Plugin - Multiple Vulnerabilities
Exploit for php platform in category web applications + POCExploit CodeCanyon Real3D FlipBook WordPress Plugin + http://codecanyon.net/item/real3d-flipbook-wordpress-plugin/6942587 + Multiple Vulnerabilities Found by: Mukarram Khalid +...
Real3D FlipBook <= 2.8 - Multiple Vulnerabilities
List of vulnerabilities: - Delete any file or directory from the server Unauthenticated - Upload images in Root directory Unauthenticated - Cross-Site Scripting XSS + POCExploit CodeCanyon Real3D FlipBook WordPress Plugin + http://codecanyon.net/item/real3d-flipbook-wordpress-plugin/6942587 +...
WordPress Plugin Ultimate Membership Pro 3.3 - SQL Injection
Vendor Homepage: http://wpindeed.com/ Software Link: http://codecanyon.net/item/ultimate-membership-pro-wordpress-plugin/12159253 Version: 3.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Unauthenticated Blind SQLi, Unauthenticated Payment Bypass Time line: Found 07-Jun-2016, Vendor notified...
Wordpress Premium SEO Pack 1.9.1.3 Plugin - wp_options Overwrite
Exploit for php platform in category web applications Vendor Homepage: http://aa-team.com/ Software Link: http://codecanyon.net/item/premium-seo-pack-wordpress-plugin/6109437?srank=2 Version: 1.9.1.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Authenticated customer, subscriber wpoptions overwrite Ti...
WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities
Exploit Title: Wordpress DZS Videogallery Plugin - Multiple Vulnerabilities Unauthenticated CSRF & XSS POC: http://target/wp-content/plugins/dzs-videogallery/admin/tagseditor/popup.php?initer=whatava18642%27%3balert%281%29%2f%2f645 Line 13-15 unsanitized...
WordPress Comment Rating 1.5.0 Cross Site Scripting
FULL DISCLOSURE Product : wp-comment-rating Exploit Author : Rahul Pratap Singh Version : 1.5.0 Home page Link : http://codecanyon.net/item/wordpress-comment-rating-plugin/6582710 Website : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Date : 30/Jan/2016 XSS...
BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities
Exploit for php platform in category web applications Product : BK Mobile CMS Exploit Author : Rahul Pratap Singh Version : 2.4 Home page Link : http://codecanyon.net/item/jquery-mobile-website-with-full-admin-panel/2441358 Website : 0x62626262.wordpress.com Linkedin :...
Tequila File Hosting 1.5 Shell Upload
Tequila File Hosting Unrestricted File Upload Vendor Homepage: http://codecanyon.net/item/tequila-file-hosting-script/7604312 Date:...
WordPress Car Rental System SQL Injection Vulnerability
Exploit Title : Car Rental System Native WordPress Plugin SQL Injection vulnerability version3.1 Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://codecanyon.net/item/car-rental-system-native-wordpress-plugin/11758680 Affected Version: below version 3.1 Date : 12/07/2015 Love to :...
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation]
Exploit Title: CVE-2015-4038 - WordPress WP Membership plugin Privilege escalation Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE:...
Joomla EQ Event Calendar SQL Injection
Exploit Title : Joomla component EQ Event Calendar SQL Injection vulnerability Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://codecanyon.net/item/eq-event-calendar-/11169564 Date : 7/06/2015 Discovered at : IndiShell Lab Love to : zero cool,Team indishell,Mannu,Viki,Hardeep...
WordPress Ajax Store Locator 1.2 SQL Injection Vulnerability
WordPress Ajax Store Locator versions 1.2 and below suffer from a remote SQL injection vulnerability. Exploit Title : Wordpress Ajax Store Locator = 5.0.12 AND time-based blind SE...
WordPress Ajax Store Locator 1.2 SQL Injection
Exploit Title : Wordpress Ajax Store Locator = 5.0.12 AND time-based blind SELECT' injectable for the remaining tests, do you want to include all tests for 'MySQL' extending pr...
WordPress Plugin Ajax Store Locator 1.2 - SQL Injection
WordPress Plugin Ajax Store Locator 1.2 - SQL Injection Exploit Title : Wordpress Ajax Store Locator = 5.0.12 AND time-based blind SELECT' injectable for the remaining tests, do you want to include all tests for 'MySQ...
WordPress Plugin Ajax Store Locator 1.2 - SQL Injection
Exploit Title : Wordpress Ajax Store Locator = 5.0.12 AND time-based blind SELECT' injectable for the remaining tests, do you want to include all tests for 'MySQL' extending...