951 matches found
Wordpress plugin tutor cross-site scripting vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress plugin tutor. An attacker can exploit this vulnerability to...
WordPress Plugin Tutor.1.5.3 - Local File Inclusion
Tile: Wordpress Plugin tutor.1.5.3 - Local File Inclusion Author: mehran feizi Category: webapps Date: 2020-02-12 vendor home page: https://wordpress.org/plugins/tutor/ =================================================================== Vulnerable page: /instructors.php...
WordPress Tutor 1.5.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications - Tile: Wordpress Plugin tutor.1.5.3 - Cross-Site Scripting - Author: mehran feizi - Category: webapps =================================================================== Vulnerable page: /Quiz.php...
WordPress Tutor LMS Cross-Site Request Forgery Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress Tutor LMS. The vulnerability stems from the WEB applicatio...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
Cross site request forgery (csrf)
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2020-8615
CVE-2020-8615 is a CSRF vulnerability in the WordPress Tutor LMS plugin up to version 1.5.3 (fixed in 1.5.3). The issue allows an attacker to approve themselves as an instructor and perform other actions (e.g., blocking legitimate instructors). The root cause is CSRF in Tutor LMS’s instructor-man...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
Tutor LMS < 1.5.3 - Cross-Site Request Forgery (CSRF)
Tutor LMS WordPress plugin is vulnerable to Cross-Site Request Forgery CSRF attacks. PoC As the requests for the approval and blocking of instructors are sent using the GET method, the CSRF attack to approve an attacker-controlled instructor account can be performed by having the admin visit...
WordPress Tutor LMS plugin <= 1.5.2 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found by Jinson Varghese Behanan in WordPress Tutor LMS plugin versions = 1.5.2. Solution Update the WordPress Tutor LMS plugin to the latest available version at least 1.5.3...
De-Tutor 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link:...
De-Tutor 1.0 - SQL Injection
De-Tutor 1.0 - SQL Injection Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/detutor-private-tutoring-and-admission-processing/19053430 Demo:...
De-Tutor 1.0 SQL Injection
Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/detutor-private-tutoring-and-admission-processing/19053430 Demo: https://demo.sarutech.com/detutor/...
Tutor - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Tutor published at the 'play' market has multiple vulnerabilities...
My Private Tutor Website Builder Script - SQL Injection
My Private Tutor Website Builder Script - SQL Injection Vulnerability: SQL Injection + Authentication Bypass Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: My Private Tutor Website Builder Script Script Buy Now:...
My Private Tutor Website Script - Authentication Bypass
Vulnerability: Admin Login Bypass & SQLi Date: 13.01.2017 Vendor Homepage: http://scriptfirm.com/ Script Name: Professional Service Booking Script Script Buy Now: My Private Tutor Website Author: İhsan Şencan Author Web: http://ihsan.net Mail : ihsanbeygirihsannoktanet http://localhost/PATH/admin...
GNU GTypist 2.9.5-2 - Local Buffer Overflow
GNU GTypist 2.9.5-2 - Local Buffer Overflow Exploit developed using Exploit Pack v6.5 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 -...
GNU GTypist 2.9.5-2 - Local Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Simple ncurses touch typing tutor Displays exercise lines,...
GNU GTypist 2.9.5-2 Buffer Overflow
Exploit developed using Exploit Pack v6.5 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Simple ncurses...