WordPress WP Symposium Plugin 15.1 - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Details ================ Software: WP Symposium Version: 15.1 Homepage: https://wordpress.org/plugins/wp-symposium Advisory report:...

WordPress Plugin WP Symposium 15.1 - Blind SQL Injection

WordPress Plugin WP Symposium 15.1 - Blind SQL Injection Details ================ Software: WP Symposium Version: 15.1 Homepage: https://wordpress.org/plugins/wp-symposium Advisory report:...

WordPress Plugin WP Symposium 15.1 - Blind SQL Injection

Details ================ Software: WP Symposium Version: 15.1 Homepage: https://wordpress.org/plugins/wp-symposium Advisory report: https://security.dxw.com/advisories/blind-sql-injection-in-wp-symposium-allows-unauthenticated-attackers-to-access-sensitive-data/ CVE: Awaiting assignment CVSS: 6.4...

WP Symposium <= 15.1 - Blind SQL Injection

The wp-symposium WordPress plugin was affected by a Blind SQL Injection security vulnerability...

JoomShopping - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: JoomShopping Blind Sql injection Google Dork: allinurl:"/modules/modjshoppingproductswfl/js/" Date: 2015-07-24 Exploit Author: Mormoroth Vendor Homepage: http://www.webdesigner-profi.de Software Link:...

WordPress Filedownload 1.4 Open Proxy

Title: Open Proxy in filedownload v1.4 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-11 Download Site: https://wordpress.org/plugins/filedownload/ Vendor: Peter Gross Vendor Notified: 2015-07-11 Vendor Contact: [email protected] Description: Creates a downloadlink with t...

JoomShopping - Blind SQL Injection

JoomShopping - Blind SQL Injection Exploit Title: JoomShopping Blind Sql injection Google Dork: allinurl:"/modules/modjshoppingproductswfl/js/" Date: 2015-07-24 Exploit Author: Mormoroth Vendor Homepage: http://www.webdesigner-profi.de Software Link:...

JoomShopping - Blind SQL Injection

Exploit Title: JoomShopping Blind Sql injection Google Dork: allinurl:"/modules/modjshoppingproductswfl/js/" Date: 2015-07-24 Exploit Author: Mormoroth Vendor Homepage: http://www.webdesigner-profi.de Software Link: http://www.webdesigner-profi.de/joomla-webdesign/joomla-shop/downloads.html...

Mail.ru: Time-Based Blind SQL Injection Attacks

Здравствуйте, на сайте http://jh.my.com/forum/ajax/render/memberlistitems обнаружена blind sql. При отправке в POST-запросе : criteriastartwith=ifnow=sysdate,sleep0,0/"XORifnow=sysdate,sleep0,0OR"/ Сервер будет отрабатывать заданное время. Прикрепляю скрин...

Slider <= 2.8.6 - Authenticated Blind SQL Injection

The slider-image WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...

Microblog Poster <= 1.6.0 - Authenticated Blind SQL Injection

The Microblog Poster – Auto Publish on Social Media WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...

WordPress Slider Plugin <= 2.8.6 - Blind SQL Injection

Because of this vulnerability, authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

WordPress Quiz And Survey Master Plugin <= 4.4.2 - Blind SQL Injection

Because of this vulnerability, authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

WordPress NEX-Forms Plugin <= 4.0 - Blind SQL Injection

Because of this vulnerability, unauthenticated attackers and authenticatged users can inject arbitrary SQL commands. Solution Upgrade the plugin...

FileDownload <= 1.4 - Multiple Issues

XSS, Blind SQL Injection and Open Proxy issues...

WordPress Contact Form Builder Plugin <= 1.0.24 - Blind SQL Injection

Because of this vulnerability, authenticated administrators can execute arbitrary SQL commands. Solution Upgrade this plugin...

WordPress Booking System Plugin <= 2.0 - Blind SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands via "language" parameter. Solution Update the plugin...

Pinpoint Booking System <= 2.0 - Authenticated Blind SQL Injection

The Pinpoint Booking System – 1 WordPress Booking Plugin WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...

WP Live Chat Support < 4.4.0 - Unauthenticated Blind SQL Injection

The 3CX Live Chat WordPress plugin was affected by an Unauthenticated Blind SQL Injection security vulnerability...

WordPress Yet Another Stars Rating Plugin <= 0.9.0 - Blind SQL Injection

Because of this vulnerability, remote authenticated users with 'publishposts' role can execute arbitrary SQL commands. Solution Update the plugin...