CVE-2015-2690
Multiple cross-site scripting (XSS) vulnerabilities in views/add-license-form.php in the Digium Addons module (digiumaddoninstaller) before 2.11.0.7 for FreePBX allow remote attackers to inject arbitrary web script or HTML via the (1) addlicensekey, (2) addlicensefirstname, (3) addlicenselastname, (4)...
CVE-2017-10967
In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters...
CVE-2017-10967
Affected software: FineCMS (before 2017-07-06). Vulnerable component: application/core/controller/config.php. Vulnerability type: Cross-site scripting (XSS). Affected parameters: key_name, key_value, and meaning. Root cause / details: The available descriptions indicate that FineCMS allows XSS vi...
CVE-2017-9741
CVE-2017-9741 affects ProjectSend (r754). The install/make-config.php file is vulnerable to remote PHP code execution via the dbprefix parameter, due to replacing TABLES_PREFIX in the configuration file. This leads to arbitrary code execution on affected installations. Connected records confirm t...
WordPress WP Quiz Plugin <= v1.0.7 - Authenticated Stored XSS
Settings fields allow adding XSS. Related file: class-page-config.php. The user should have an Author or Editor role. Add an XSS payload to a Quiz, e.g. alertdocument.cookie. Solution: Update the plugin to v1.0.8...
Javo Spot Premium Theme - Unauthenticated Directory Traversal
Print out any file in the via an unauthenticated AJAX request. PoC /wp-admin/admin-ajax.php? jvfrmspotgetjson=../../wp-config.php=jQuery...
Dotclear 2.9.1 Directory Download
Dotclear 2.9.1 Directory Download Vulnerability + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1; previous versions might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description: Authenticated users with media manager access...
WordPress Plugin Import CSV 1.0 - Directory Traversal
WordPress Plugin Import CSV 1.0 - Directory Traversal Exploit Title: Wordpress Import CSV | Directory Traversal Exploit Author: Wadeek Website Author: https://github.com/Wad-Deek Software Link: https://downloads.wordpress.org/plugin/xml-and-csv-import-in-article-content.zip Stable Tag: 1.1 Tested...
WordPress RobotCPA Plugin V5 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin RobotCPA V5 - Local File Include Google Dork: inurl:"/wp-content/plugins/robotcpa/" Date: 09.06.2015 Exploit Author: T3N38R15 Vendor Homepage: http://robot-cpa.good-info.co/ Version: 5V Tested on: Windows Firefo...
Wordpress Theme Nevada Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Theme Nevada Arbitrary File Download Vulnerability Date: 01/05/2015 Exploit Author: X-Line Vendor Homepage: http://themeforest.unitedthemes.com/wpversions/nevada/ Contact : http://www.root-me.org/X-Line-24646 Tested on...
WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure
Exploit Title: Wordpress Plugin 'WP Mobile Edition' Remote File Disclosure Vulnerability Date: April 11, 2015 Exploit Author: @LookHin Khwanchai Kaewyos Google Dork: inurl:?fdxswitcher=mobile Vendor Homepage: https://wordpress.org/plugins/wp-mobile-edition/ Software Link:...
CVE-2014-9185
Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the siteurl parameter...
Code injection
Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the siteurl parameter...
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal Exploit Title: Paid Memberships Pro 1.7.14.2 Path Traversal Date: 14-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl Software Link: https://downloads.wordpress.org/plugin/paid-memberships-pro.1.7.14.2.zip...
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
Exploit Title: Paid Memberships Pro 1.7.14.2 Path Traversal Date: 14-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl Software Link: https://downloads.wordpress.org/plugin/paid-memberships-pro.1.7.14.2.zip Category: webapps CVE: CVE-2014-8801 1. Description getfile.php is...
Design/Logic Flaw
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta use weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103...
WordPress yakimabait Theme Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Poc : http://localhost/wp-content/themes/yakimabait/download.php?file=./wp-config.php Demo : http://www.yakimabait.com/wp-content/themes/yakimabait/download.php?file=./wp-config.php --------------------------------------- Greetz to : All...
WPHardening - WPHardening fortification is a security tool for WordPress
WPHardening is a security tool for WordPress that bundles different tools for hardening a WordPress installation. Usage: $ python wphardening.py -h Options: --version show program's version number and exit -h, --help show this help message and exit -v, --verbose Active verbose mode output results --update Check for WPHardeni...