Cross site scripting

Reflected XSS in wordpress plugin infusionsoft v1.5.11...

CVE-2016-1000139

The WordPress Infusionsoft Gravity Forms Add-on Plugin

CVE-2016-1000139

Reflected XSS in wordpress plugin infusionsoft v1.5.11...

Infusionsoft Gravity Forms Add-on <= 1.5.11 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=""...

Infusionsoft Gravity Forms Add-on <= 1.5.11 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId="alert1;"...

WordPress Infusionsoft Gravity Forms Add-on Plugin <= 1.5.11 - XSS

This plugin is prone to a cross site scripting vulnerability. Solution Upgrade the plugin...

Wordpress InfusionSoft Shell Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress InfusionSoft Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the WordPress...

Wordpress InfusionSoft Upload Vulnerability

This module exploits an arbitrary PHP code upload in the WordPress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

WordPress Infusionsoft Gravity Forms Add-on Plugin Unrestricted File Upload

An unauthorized file upload vulnerability has been reported in WordPress Infusionsoft Gravity Forms Add-on Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a...

wordpress infusionsoft 1.5.10 /wp-content/plugins/infusionsoft/Infusionsoft/utilities/code_generator.php 文件上传漏洞

No description provided by source...

Wordpress InfusionSoft Plugin Upload Vulnerability

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::HTTP::Wordpress include...

WordPress InfusionSoft Plugin - Upload Vulnerability

InfusionSoft plugin is prone to vulnerability that allows for arbitrary file upload and remote code execution. Solution Update the plugin...

Wordpress InfusionSoft Upload Exploit

This Metasploit module exploits an arbitrary PHP code upload in the wordpress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: http//metasploit.com/download Current...

Wordpress InfusionSoft Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress InfusionSoft Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the wordpress...

WordPress Plugin InfusionSoft - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress InfusionSoft Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the wordpress...

Infusionsoft Gravity Forms 1.5.3 - 1.5.10 Arbitrary File Upload

The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by a 1.5.10 Arbitrary File Upload security vulnerability...

WordPress Infusionsoft Gravity Forms Add-on Arbitrary File Upload Vulnerability

WordPress Infusionsoft Gravity Forms Add-on is prone to remote file upload vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-6446

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/codegenerator.php...

Code injection

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/codegenerator.php...

CVE-2014-6446

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/codegenerator.php...