Lucene search
K

12 matches found

Patchstack
Patchstack
added 2020/12/28 12:0 a.m.8 views

WordPress Thumbnail carousel slider plugin <= 1.0 - Authenticated Shell Upload and Cross-Site Request Forgery (CSRF) vulnerabilities

Authenticated Shell Upload and Cross-Site Request Forgery CSRF vulnerabilities found by Arash Khazaei in WordPress Thumbnail carousel slider plugin versions = 1.0. Solution Update the WordPress Thumbnail carousel slider plugin to the latest available version at least 1.0.1...

2.9AI score
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2016/09/13 12:0 a.m.27 views

Zapya Desktop 1.803 - &#039;ZapyaService.exe&#039; Local Privilege Escalation

Exploit Title: Zapya Desktop Version 'ZapyaService.exe' Privilege Escalation Date: 2016/9/12 Exploit Author: Arash Khazaei Vendor Homepage: http://www.izapya.com/ Software Link: http://binaries.izapya.com/Izapya/WindowsPC/ZapyaSetup1803en.exe Version: 1.803 Latest Tested on: Windows 7 Professiona...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/21 12:0 a.m.36 views

WordPress Gallery Master 1.0.22 Cross Site Scripting

Exploit : For Exploiting This Vulnerability Install Testimonial Slider Plugin Then Create New SGallery In Gallery Title Input And Gallery Description Place Your JavaScript Code After Creating Gallery JavaScript Code Will Be Executed . Plugin Is Accessable By Authors , Administartors , Editors...

Exploits0
Packet Storm
Packet Storm
added 2015/09/08 12:0 a.m.23 views

WordPress Easy Media Gallery 1.3.47 Cross Site Scripting

Exploit : For Exploiting This Vulnerability Install Easy Media Gallery Plugin Then Create New Media In Media Title Input : "/alert'Exploit' Then In Media Subtitle Like Media Title Input : "/alert'Exploit1' After Creating New JavaScript Code Will Be Executed . Video Poc : http://youtu.be/5nMQUgP6n...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/31 12:0 a.m.28 views

WordPress Testimonial Slider 1.2.1 Cross Site Scripting

GhostMail Exploit : For Exploiting This Vulnerability Install Testimonial Slider Plugin Then Create New Slider In Slider Name Input Place Your JavaScript Code After Creating Slider JavaScript Code Will Be Executed . Image POC : Vulnerable Code : Slider ID = For Patching : Slider ID = This...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/28 12:0 a.m.58 views

WordPress Responsive Thumbnail Slider 1.0 Shell Upload

POC : For Exploiting This Vulnerability : Go To Add Image Section And Upload File By Self Plugin Uploader Then Upload File With Double Extension Image And By Using A BurpSuite Or Tamper Data Change The File Name From Shell.php.jpg To Shell.php And Shell Is Uploaded . :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/08/28 12:0 a.m.92 views

WordPress Plugin Responsive Thumbnail Slider 1.0 - Arbitrary File Upload

Exploit Title: Wordpress Responsive Thumbnail Slider Arbitrary File Upload Date: 2015/8/29 Exploit Author: Arash Khazaei Vendor Homepage: https://wordpress.org/plugins/wp-responsive-thumbnail-slider/ Software Link: https://downloads.wordpress.org/plugin/wp-responsive-thumbnail-slider.zip Version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/25 12:0 a.m.59 views

Pligg CMS 2.0.2 Cross Site Request Forgery

Admin input name="password" type="text" class="form-control" id="password" value="hacker123" onchange="ch...

6.8CVSS0.7AI score0.01982EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/08/09 12:0 a.m.18 views

Wolf CMS 0.8.2 Open Redirect

Exploit Title: Wolf CMS Open Redirect Vulnerability + Google Dork: N/A + Date: 10/8/2015 + Exploit Author: Arash Khazaei + Vendor Homepage: https://www.wolfcms.org/ + Software Link: https://bitbucket.org/wolfcms/wolf-cms-downloads/downloads/wolfcms-0.8.2.zip + Version: 0.8.2Last Version + Tested...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/07/30 12:0 a.m.29 views

Tendoo CMS 1.3 - XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Tendoo CMS Stored And Reflected Xss Vulnerability Google Dork: N/A Date: 28/7/2015 Exploit Author: Arash Khazaei Vendor Homepage: http://tendoo.org/ Software Link: http://sourceforge.net/projects/tendoo-cms/ Version: 1.3 Tested...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/07/29 12:0 a.m.21 views

Tendoo CMS 1.3 - Cross-Site Scripting

Exploit Title: Tendoo CMS Stored And Reflected Xss Vulnerability Google Dork: N/A Date: 28/7/2015 Exploit Author: Arash Khazaei Vendor Homepage: http://tendoo.org/ Software Link: http://sourceforge.net/projects/tendoo-cms/ Version: 1.3 Tested on: Kali , Windows CVE : N/A Contact : [email protected]...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/27 12:0 a.m.23 views

Seditio CMS 1.7.1 Open Redirect

Exploit Title: Seditio CMS Open Redirect + Google Dork: intext:"Powered by Seditio CMS" + Date: 27/7/2015 + Exploit Author: Arash Khazaei + Vendor Homepage: http://www.seditiocms.com/ + Software Link: http://www.seditiocms.com/page.php?id=20&a=dl + Version: 1.7.1Last Version + Tested on: Kali ,...

7.4AI score
Exploits0
Rows per page
Query Builder