Lucene search
K

83 matches found

Packet Storm
Packet Storm
added 2014/08/26 12:0 a.m.33 views

WordPress WPtouch Mobile 3.4.5 Shell Upload

Wordpress WPtouch Mobile Plugin File Upload Vulnerability ================================= ==================== / / / / / / / / / / / / / : / / / / / / / / / / / / / / / | / / / / / / / / / / / / / // / // / / / / --X-- / / / / / / / / / / / / / / / / / / / / |////////// // / /// :...

0.2AI score
Exploits0
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.18 views

WPtouch 1.9.19.4 - Cross-Site Scripting (XSS)

The WPtouch WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.6AI score0.01901EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.5 views

WPtouch 1.9.27 - 'wptouch_redirect' Parameter URI Redirection

The WPtouch WordPress plugin was affected by a 'wptouchredirect' Parameter URI Redirection security vulnerability...

2.2AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.13 views

WPtouch 1.9.8 - ajax/file_upload.php Crafted Content-Type File Upload Remote Code Execution

The WPtouch WordPress plugin was affected by an ajax/fileupload.php Crafted Content-Type File Upload Remote Code Execution security vulnerability...

2.6AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.9 views

WPtouch 3.x - Insecure Nonce Generation

The WPtouch WordPress plugin was affected by an Insecure Nonce Generation security vulnerability...

2AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.9 views

WPtouch 1.9.8 - include/submit.php Multiple Parameter SQL Injection

The WPtouch WordPress plugin was affected by an include/submit.php Multiple Parameter SQL Injection security vulnerability...

2.4AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.15 views

WordPress WPtouch Plugin <= 1.9.8 - Remote Code Executio

This plugin is prone to a remote code execution in ajax/fileupload.php. Solution Update the plugin...

2.7AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.10 views

WordPress WPtouch Plugin <= 1.9.8 - SQL Injection

This plugin is prone to an SQL injection vulnerability in include/submit.php parameter. Solution Update the plugin...

2.7AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.10 views

WordPress WPtouch Plugin <= 3.x - Insecure Nonce Generation

Because of this vulnerability, a logged­-in attacker can potentially take over the website by uploading a backdoor and then do anything he wants. Solution Update the plugin...

3.1AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2014/07/23 12:0 a.m.22 views

Wordpress WPTouch Authenticated File Upload Exploit

The Wordpress WPTouch plugin contains an auhtenticated file upload vulnerability. A wp-nonce CSRF token is created on the backend index page and the same token is used on handling ajax file uploads through the plugin. By sending the captured nonce with the upload, we can upload arbitrary files to...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2014/07/15 1:8 a.m.12 views

Vulnerability in WPTouch WordPress Plugin Allows Hackers to Upload PHP backdoors

If you own a mobile version for your Wordpress website using the popular WPtouch plugin, then you may expose to a critical vulnerability that could potentially allow any non-administrative logged-in user to upload malicious PHP files or backdoors to the target server without any admin privileges...

8.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/07/15 12:0 a.m.27 views

Wordpress WPTouch Authenticated File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress WPTouch Authenticated File Upload', 'Description' = %q The Wordpress WPTouch plugin contains an auhtenticated file upload...

0.2AI score
Exploits0
Metasploit
Metasploit
added 2014/07/14 7:35 p.m.17 views

WordPress WPTouch Authenticated File Upload

The WordPress WPTouch plugin contains an authenticated file upload vulnerability. A wp-nonce CSRF token is created on the backend index page and the same token is used on handling ajax file uploads through the plugin. By sending the captured nonce with the upload, we can upload arbitrary files to...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

WPtouch WordPress Plugin 1.9.27 URL redirection

No description provided by source. Hello , that's a 0day on the must downloaded WordPress plugin. Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:Powered by Wordpress + WPtouch with iphone/android User-Agent Author: MaKyOtOx special Pwet to ansx & Zizounet...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/09/09 12:0 a.m.52 views

XSS and FPD vulnerabilities in WPtouch and WPtouch Pro for WordPress

Hello 3APA3A! I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in ZeroClipboard.swf, which is used in the plugin. In February I wrote about Cross-Site Scripting...

5.7AI score
Exploits0
OpenVAS
OpenVAS
added 2013/08/06 12:0 a.m.19 views

WordPress WPtouch Plugin Path Disclosure Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

7.2AI score
Exploits0References4
0day.today
0day.today
added 2013/08/05 12:0 a.m.21 views

WPtouch / WPtouch Pro XSS / Path Disclosure Vulnerabilities

WPtouch and WPtouch Pro suffer from cross site scripting and path disclosure vulnerabilities. I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2013/08/04 12:0 a.m.16 views

WPtouch / WPtouch Pro XSS / Path Disclosure

Hello list! I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in ZeroClipboard.swf, which is used in the plugin. In February I wrote about Cross-Site Scripting...

7.4AI score
Exploits0
NVD
NVD
added 2011/12/14 12:55 a.m.16 views

CVE-2011-4803

SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.5AI score0.02754EPSS
Exploits1References1
Prion
Prion
added 2011/12/14 12:55 a.m.10 views

Sql injection

SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.2AI score0.02754EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder