215 matches found
CVE-2020-8417
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu...
Cross site request forgery (csrf)
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu...
Malwinx - Just A Normal Flask Web App To Understand Win32Api With Code Snippets And References
A normal flask web app to learn win32api with code snippets and references. Prerequisite You need to download the following package before starting it pip install flask pip install pefile pip install requests Usage $ python flaskapp.py Live Demo Here is the Walkthrough: 1. Upload the exe or dll. ...
AXIS Communications - Cross-Site Scripting / Content Injection
0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Improper Input Validation CWE-20 - CVE Name:...
Fortinet FortiClient 5.2.3 (Windows 10 x86) - Local Privilege Escalation
/ Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x86 1703/1709 - ntoskrnl.exe: 10.0.16299.309 - FortiShield.sys: 5.2.3.633 Compile: -...
WordPress Code Snippets 2.6.1 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Code Snippets WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016 -----------------------------------------------------------------------...
WordPress Code Snippets Plugin <= 2.6.1 - Cross Site Scripting
Because of this vulnerability, an attacker can inject malicious JavaScript code into the application. Solution Update the plugin...
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities Vulnerabilities in Pimcore 1.4.9 to 2.1.0 inclusive Discovered by Pedro Ribeiro [email protected] of Agile Information Security ==================================================================== Disclosure: 14/04/2014 / Last updated: 12/10/2014...
Code Snippets 0.9 Insecure Session
--------------------------------------- Author : L3b-r1'z Title : Code Snippets Version 0,9 insecure session Date : 6/30/2012 Email : [email protected] Site : Sec4Ever.com & Exploit4arab.com Google Dork : allintext: "Powered by: PHP-CSL V0.9" Version : 1.1.0 6/30/2012 - Vulnerability discovered...
Jarida 1.0 SQL Injection
Exploit Title: Jarida 1.0 SQL Injection Date : 26 September 2011 Author : Ptrace Security Gianni Gnesa gnix Contact : researchatptrace-securitydotcom Software Link: http://sourceforge.net/projects/jarida/ Version : 1.0 Tested on : CentOS 5.6 01 ./article.php:28: $query = "SELECT articleid FROM...
Insanely simple blog - Multiple vulnerabilities
Insanely simple blog version 0.5 and below http://sourceforge.net/projects/insanelysimple2 ISB contains multiple vulnerabilities including both XSS, and SQL injection. First off, the search action fails to strip user content for html allowing a user to input tags. Next, anonymous blog entries can...
[KAPDA::#46] - AjaxPortal Authentication Bypass
KAPDA New advisory Vendor: http://myiosoft.com Vulnerable: AjaxPortal v. 3.0 Bug: Sql Injection Authentication Bypass Exploitation: Remote with browser Description: -------------------- AjaxPortal is based on Sajax technology - an open source tool to make programming websites using the Ajax...
linpha_10_local.txt
------------- Linpha = 1.0 multiple arbitrary local inclusion ----------------- software: site: http://linpha.sourceforge.net/nuke/ description: " LinPHA is an easy to use, multilingual, flexible photo / image archive / album / gallery written in PHP. It uses a SQL database to store information...
linux/x86 break chroot execve /bin/sh 80 bytes
Exploit for linux/x86 platform in category shellcode ============================================== linux/x86 break chroot execve /bin/sh 80 bytes ============================================== / This is Linux chroot/execve code. It is 80 bytes long. I have some ideas how to make it smaller, but ti...