Lucene search
+L

4 matches found

CNVD
CNVD
added 2017/07/26 12:0 a.m.5 views

WordPress IBPS Online Exam Plugin Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress IBPS Online Exam plugin. An attacker can exploit this...

6.7AI score
Exploits0References1
wpexploit
wpexploit
added 2017/07/21 12:0 a.m.21 views

WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated SQL Injection / Cross-Site Scripting

Exploit Author: 8bitsec Contact Author: https://twitter.com/8bitsec Stored XSS on exam input textfields and Blind SQL Injection on 'examappUserResult' page 'id' parameter. Authenticated Stored XSS: Logged as a student: Write the payload in the input textfields while attempting an exam. The payloa...

6.5CVSS0.1AI score0.01576EPSS
Exploits3
Patchstack
Patchstack
added 2017/07/21 12:0 a.m.17 views

WordPress IBPS Online Exam plugin <=1.0 - Authenticated Stored Cross-site scripting (XSS) vulnerability

Authenticated Stored Cross-site scripting XSS vulnerability found in WordPress IBPS Online Exam plugin =1.0 versions by 8bitsec. The attack is possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about patched release of WordPress IBPS Online Exam plugin...

1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2017/07/21 12:0 a.m.17 views

WordPress IBPS Online Exam plugin <=1.0 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability found in WordPress IBPS Online Exam plugin =1.0 versions. Blind SQL Injection possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about patched release of WordPress IBPS Online Exam plugin. Also, we were...

1.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder