posizionamento-seo.com XSS vulnerability
Open Bug Bounty ID: OBB-279744. Affected Website: posizionamento-seo.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
tomatoheart.com XSS vulnerability
Open Bug Bounty ID: OBB-279735. Affected Website: tomatoheart.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
tvguru.cz XSS vulnerability
Vulnerable URL: http://www.tvguru.cz/wp-admin/admin-ajax.php?tdthemename=Newspaper=8.1. Details: Patched: Yes, at (date missing in source). Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: 233179. VIP website status: No. Coordinated Disclosure Timeline: ...
fokus.mk XSS vulnerability
Open Bug Bounty ID: OBB-278814. Affected Website: fokus.mk. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
elcaribe.com.do XSS vulnerability
Open Bug Bounty ID: OBB-278813. Affected Website: elcaribe.com.do. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
SQL injection
The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogueupdateorder list-item, videoupdateorder video-item, imageupdateorder list-item, taggroupupdateorder listitem, categoryproductsupdateorder...
CVE-2017-12199
The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogueupdateorder list-item, videoupdateorder video-item, imageupdateorder list-item, taggroupupdateorder listitem, categoryproductsupdateorder...
WP Support Plus Responsive Ticket System < 8.0.0 - Privilege Escalation
You can log in as anyone without knowing the password because of incorrect usage of wp_set_auth_cookie. Username:...
spacehost.de XSS vulnerability
Vulnerable URL: https://spacehost.de/blog/wp-admin/admin-ajax.php. Details: Patched: Yes, at 14.05.2017. Latest check for patch: 14.05.2017 20:49 GMT. Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: 1786851. VIP website status: No. Check...
trittin.de XSS vulnerability
Vulnerable URL: https://www.trittin.de/wp-admin/admin-ajax.php. Details: Patched: No. Latest check for patch: 28.07.2017. Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: Unknown / Not calculated. VIP website status: No. Check trittin.de SSL...
druckerei-hellendoorn.de XSS vulnerability
Vulnerable URL: http://www.druckerei-hellendoorn.de/wp-admin/admin-ajax.php. Details: Patched: No. Latest check for patch: 28.07.2017. Vulnerability type: XSS. Vulnerability status: Publicly disclosed. Alexa Rank: Unknown / Not calculated. VIP website status: No. Check...
CVE-2016-10148
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to...
Product Catalog 8 1.2 - Unauthenticated SQL Injection
$_POST['selectedCategory'] is not escaped. UpdateCategoryList is accessible for any user...
Sirv <= 1.3.1 - Authenticated SQL Injection
$_POST['id'] is not escaped. sirv_get_row_by_id is accessible for every registered user. The vulnerable code: $id = $_POST['rowid']; $row = $wpdb->get_row("SELECT * FROM $tablename WHERE id = $id", ARRAY_A); $row['images'] = unserialize($row['images']); echo json_encode($row);...
WordPress 4.5 admin-ajax.php Path traversal & DoS
Affected versions: WordPress 4.6, 4.5.3 (tested). Analysis: As the code above shows, the directory traversal is triggered before the security checks. There is no echo of the result, which limits its usefulness, but an attacker can use the traversal to repeatedly read /dev/random and block the PHP script, resulting ...
JobScript Remote Code Execution
#!C:/Python27/python.exe -u JobScript Remote Code Execution Exploit. Vendor: Jobscript. Product web page: http://www.jobscript.in. Affected version: Unknown. Summary: JobScript is an inbuilt structured website developed in PHP with a MySQL database. It's a complete job script for those who want to star...
JobScript Open Redirection And Arbitrary Code Execution Vulnerability
Summary: JobScript is an inbuilt structured website developed in PHP with a MySQL database. It's a complete job script for those who want to start a professional job portal website like naukri.com, monster.com, clickjobs.com or any such major job portal. Jobscript was designed and developed with t...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (1) do_edit or (2) do_insert action to wp-admin/admin-ajax.php...
Wordpress VideoWhisper Video Presentation plugin XSS Vulnerability
Exploit for the PHP platform in the category web applications. Exploit Title: Wordpress plugin videowhisper-video-presentation XSS Vulnerability. Vendor or Software Link: https://wordpress.org/plugins/videowhisper-video-presentation/. Google dork: inurl:/wp-content/plugins/videowhisper-video-presentation Th...
Wordpress Plugin Store Locator Plus 4.2.23 Email Injection
If we hold a valid "key" (nonce), we can send mail to anyone. File: store-locator-le\include\send-email.php. The vulnerable code: if (!wp_verify_nonce($_REQUEST['valid'], 'em')) die; $message_headers = "From: " . $_GET['email_name'] . "...