1092 matches found
Symfony 1.4.17 Database Disclosure
Exploit Title : Symfony 1.4.17 sfDoctrinePlugin sfPropelPlugin Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 09/12/2018 Vendor Homepage : symfony-project.com symfony.com Software Download Link : symfony.com/legacy Tested On : Windows a...
WordPress NikolayDyankovDesign 2.0 Arbitrary File Disclosure
Exploit Title : WordPress NikolayDyankovDesign Themes 2.0 Arbitrary File Download Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : pinterest.com/nikolaydyankov/ nikolaydyankovdesign.com semsoft.ca Software Download Link : N/A Tested On ...
WordPress Total-Child-Theme-Master 1.0 Arbitrary File Disclosure
Exploit Title : WordPress Total-Child-Theme-Master Themes 1.0 Arbitrary File Download Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : wordpress.org wpexplorer-themes.com/total/docs/child-theme/ Software Download Link :...
WordPress Orbis 1.3.3 Database Disclosure
Exploit Title : WordPress Orbis Plugins 1.3.3 Pronamic Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : pronamic.eu wordpress.org/plugins/orbis/ Software Download Link :...
WordPress Simple-Forum 4.0 Database Disclosure
Exploit Title : WordPress Simple-Forum Plugins 4.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org simple-press.com Software Download Link : simple-press.com/downloads/simple-press-core-plugin/...
WordPress newwpml 3.0 Database Disclosure
Exploit Title : WordPress newwpml Plugins 3.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version Information :...
WordPress Search-Engine 0.5.9 Database Disclosure
Exploit Title : WordPress Search-Engine Plugins 0.5.9 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/search-engine/ Software Download Link :...
WordPress WP-Business-Directory 5.3.4 Database Disclosure
Exploit Title : WordPress WP-Business-Directory Plugins 5.3.4 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : businessdirectoryplugin.com wordpress.org/plugins/business-directory-plugin/ Software Download Lin...
WordPress jomiz-plugins-accounting 1.0 Database Disclosure
Exploit Title : WordPress jomiz-plugins-accounting Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Software Download Link : N/A Category : WebApps Explo...
Joomla Com_Finder 4.0.0 Database Disclosure
Exploit Title : Joomla ComFinder Components 4.0.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : joomla.org Software Download Links :...
WordPress wp-contactpage-designer 1.0 Database Disclosure
Exploit Title : WordPress wp-contactpage-designer Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 03/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Versio...
WordPress WP Backup Plus + 1.0 Database Disclosure
Exploit Title : WordPress WP Backup Plus + 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wpbackupplus.com wplaunchpad.io wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category...
WordPress Events Calendar Premium 1.0 Database Disclosure
Exploit Title : WordPress events-calendar-premium Plugins 1.0 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/11/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Version...
Joomla Event Booking 3.8.3 Database Disclosure
Exploit Title : Joomla comeventbooking 3.8.3 Components Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 29/11/2018 Vendor Homepage : extensions.joomla.org/extension/event-booking/ +...
WordPress uploadingdownloading-non-latin-filename 1.1.5 Arbitrary File Download
Exploit Title : WordPress uploadingdownloading-non-latin-filename Plugins 1.1.5 Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 29/11/2018 Vendor Homepage : wordpress.org/plugins/uploadingdownloading-non-latin-filename/ Softwa...
WordPress hwm_board 1.0 Arbitrary File Disclosure
Exploit Title : WordPress hwmboard 1.0 Plugins Korea Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 28/11/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Version Information : All Current...
WordPress Pods 2.7.9 Database Disclosure
Exploit Title : WordPress Pods Plugins 2.7.9 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/11/2018 Vendor Homepage : + wordpress.org/plugins/pods/ pods.io +...
glusterfs: glusterfs server exploitable via symlinks to relative paths
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes vi...
ZZCMS Arbitrary File Deletion Vulnerability (CNVD-2018-12559)
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A security vulnerability exists in the /user/del.php file in ZZCMS version 8.3. The vulnerability can be exploited to delete arbitrary files by placing a relative path to the zzcmsmain form and sending a reque...
GE MDS PulseNET and MDS PulseNET Enterprise
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: MDS PulseNET and MDS PulseNET Enterprise Vulnerabilities: Improper Authentication, Improper Restriction of XML External Entity Reference, Relative Path Traversal 2. RISK EVALUATION...