Lucene search
K

31 matches found

CNNVD
CNNVD
added 2024/05/15 12:0 a.m.10 views

WordPress plugin Base64 Encoder/Decoder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

2.4CVSS6.6AI score0.00217EPSS
Exploits2References2
Patchstack
Patchstack
added 2024/05/15 12:0 a.m.12 views

WordPress Base64 Encoder/Decoder Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Base64 Encoder/Decoder Type Plugin Vulnerable versions = 0.9.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3822 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 72ed251444bf Credits Francisco Spínola...

5.7AI score0.00741EPSS
Exploits2References3Affected Software1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.37 views

WordPress plugin Base64 Encoder/Decoder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.8CVSS6.5AI score0.00741EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.11 views

PT-2023-32951 · Php · Php

Name of the Vulnerable Software and Affected Versions: Base64 Encoder/Decoder WordPress plugin versions 0.9.2 and earlier PHP versions prior to 8.0.30 PHP versions prior to 8.1.22 PHP versions prior to 8.2.8 Description: The issue concerns a lack of CSRF check in the Base64 Encoder/Decoder...

5.5CVSS6.3AI score0.00202EPSS
Exploits2References6
GithubExploit
GithubExploit
added 2022/01/04 2:48 p.m.533 views

Exploit for Unrestricted Upload of File with Dangerous Type in Embedthis Goahead

CVE-2021-42342 CVE-2021-42342 RCE POC1:just prints c in...

9.8CVSS9.7AI score0.5946EPSS
Exploits2
Kitploit
Kitploit
added 2021/07/18 12:30 p.m.77 views

DNSStager - Hide Your Payload In DNS

DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...

7.6AI score
Exploits0References3
Metasploit
Metasploit
added 2018/04/21 8:54 a.m.27 views

Ruby Base64 Encoder

This encoder returns a base64 string encapsulated in eval%base64 encoded string.unpack%m0.first. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby Base64 Encoder', 'Description' = %q This...

7AI score
Exploits0
exploitpack
exploitpack
added 2012/01/30 12:0 a.m.21 views

HostBill App 2.3 - Remote Code Injection

HostBill App 2.3 - Remote Code Injection =-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/30 12:0 a.m.30 views

HostBill App 2.3 - Remote Code Injection

=-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM: Team 403 ? - contact: Dasher403atgmail.c...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/25 12:0 a.m.53 views

WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection

source: https://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the...

7.4AI score
Exploits0
0day.today
0day.today
added 2003/06/08 12:0 a.m.35 views

Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl

Exploit for linux platform in category remote exploits ====================================================== Apache ; $host =...

7.1AI score
Exploits0
Rows per page
Query Builder