EUVD-2017-6102

Malware in sbrugna...

EUVD-2017-7753

Malware in sbrugna...

CVE-2025-4568 SQL Injection in 2ClickPortal

Improper neutralization of input provided by an unauthorized user into changesreferenceid parameter in URL allows for boolean-based Blind SQL Injection attacks...

CVE-2025-4568 SQL Injection in 2ClickPortal

Improper neutralization of input provided by an unauthorized user into changesreferenceid parameter in URL allows for boolean-based Blind SQL Injection attacks...

CVE-2024-50584

An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/templateio.php file and supplying malicious GET parameters. The "templates" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the...

CVE-2024-6835

CVE-2024-6835 affects Ivory Search – WordPress Search Plugin, with information exposure in the ajax_load_posts path affecting all versions up to 5.5.6. Unauthenticated attackers could extract text from password-protected posts via a boolean-based attack on the AJAX search form. Public reviews/ent...

PT-2024-37894 · WordPress · The Ivory Search

Name of the Vulnerable Software and Affected Versions: The Ivory Search – WordPress Search Plugin versions up to, and including, 5.5.6 Description: The issue allows unauthenticated attackers to extract text data from password-protected posts using a boolean-based attack on the AJAX search form...

50m-ctf: `Cody trolled us all` h1-702 CTF write-up

Premise I use not to play CTF challenges because they usually absorb me entirely. I cannot think of anything else but "I want that flag!". That said, this is going to be a long story: no princess, no dragoons, only a tweet. https://twitter.com/Hacker0x01/status/1100543680383832065 Level 0 - Nothi...