WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)

Exploit Title :WordPress Polls plugin1.2.4 SQL Injection vulnerability Vulnerable version:Download Link : https://downloads.wordpress.org/plugin/polls-widget.1.2.4.zip //////////////////////// /// Overview: //////////////////////// WordPress Polls plugin is a tool for creating polls and survey...

Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

Joomla on Tuesday patched a critical vulnerability that had lingered in the content management system for eight years. It’s unknown whether the bug had been publicly exploited before it was privately reported in July, but an attacker could have leveraged the flaw to steal administrator login...

Joomla! < 3.8.0 Information Disclosure Vulnerability

Joomla is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

CVE-2017-14595

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state...

CVE-2017-14595

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state...

Information disclosure

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state...

CVE-2017-14595

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state...

CVE-2017-1002027

Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rkuserlist.php...

Design/Logic Flaw

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contactid variable before adding it to the end of an SQL query...

Design/Logic Flaw

Vulnerability in wordpress plugin surveys v1.01.8, The code in surveyform.php does not sanitize the action variable before placing it inside of an SQL query...

CVE-2017-1002021

Vulnerability in wordpress plugin surveys v1.01.8, The code in individualresponses.php does not sanitize the surveyid variable before placing it inside of an SQL query...

CVE-2017-1002020

Vulnerability in wordpress plugin surveys v1.01.8, The code in surveyform.php does not sanitize the action variable before placing it inside of an SQL query...

CVE-2017-1002020

Vulnerability in wordpress plugin surveys v1.01.8, The code in surveyform.php does not sanitize the action variable before placing it inside of an SQL query...

Security feature bypass

Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rkuserlist.php...

CVE-2017-1002005

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contactid variable before adding it to the end of an SQL query...

CVE-2017-1002004

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query...

CVE-2017-1002005

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contactid variable before adding it to the end of an SQL query...

CVE-2017-1002022

Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query...

CVE-2017-1002028

Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query...

Tor: Sql query disclosure,

Hi, path:- https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=mergeready&status=needsinformation&status=needsreview&status=needsrevision&status=new&status=reopened&component=- Select a...