4 matches found
WordPress IBPS Online Exam Plugin Cross-Site Scripting Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress IBPS Online Exam plugin. An attacker can exploit this...
WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated SQL Injection / Cross-Site Scripting
Exploit Author: 8bitsec Contact Author: https://twitter.com/8bitsec Stored XSS on exam input textfields and Blind SQL Injection on 'examappUserResult' page 'id' parameter. Authenticated Stored XSS: Logged as a student: Write the payload in the input textfields while attempting an exam. The payloa...
WordPress IBPS Online Exam plugin <=1.0 - Authenticated Stored Cross-site scripting (XSS) vulnerability
Authenticated Stored Cross-site scripting XSS vulnerability found in WordPress IBPS Online Exam plugin =1.0 versions by 8bitsec. The attack is possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about patched release of WordPress IBPS Online Exam plugin...
WordPress IBPS Online Exam plugin <=1.0 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability found in WordPress IBPS Online Exam plugin =1.0 versions. Blind SQL Injection possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about patched release of WordPress IBPS Online Exam plugin. Also, we were...