WordPress Easy Modal 2.0.17 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications WordPress Easy Modal Plugin Multiple Security Vulnerabilities Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Easy Modal plugin Language: PHP...

WordPress Easy Modal 2.0.17 SQL Injection

DefenseCode ThunderScan SAST Advisory WordPress Easy Modal Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-007 Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Easy Modal plugin...

IBM DB2 9.7 / 10.1 / 10.5 / 11.1 - Command Line Processor Buffer Overflow Exploit

Exploit for multiple platform in category dos / poc ''' IBM DB2 Command Line Processor Buffer Overflow Advisory Title: IBM DB2 Command Line Processor Buffer Overflow Advisory URL: http://www.defensecode.com/advisories/IBMDB2CommandLineProcessorBufferOverflow.pdf Software: IBM DB2 Version: V9.7,...

IBM DB2 9.7/10.1/10.5/11.1 - Command Line Processor Buffer Overflow

''' DefenseCode Security Advisory IBM DB2 Command Line Processor Buffer Overflow Advisory ID: DC-2017-04-002 Advisory Title: IBM DB2 Command Line Processor Buffer Overflow Advisory URL: http://www.defensecode.com/advisories/IBMDB2CommandLineProcessorBufferOverflow.pdf Software: IBM DB2 Version:...

WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure Cross-Site Scripting

WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure Cross-Site Scripting DefenseCode WebScanner DAST Advisory WordPress Tribulant Newsletters Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-012 Advisory Title: WordPress Tribulant Newsletters Plugin Multiple...

WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure / Cross-Site Scripting

DefenseCode WebScanner DAST Advisory WordPress Tribulant Newsletters Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-012 Advisory Title: WordPress Tribulant Newsletters Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress...

WordPress No External Links 3.5.17 Cross Site Scripting Vulnerability

WordPress No External Links plugin versions 3.5.17 and below suffer from a cross site scripting vulnerability. Advisory Title: WordPress No External Links Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress No External Links Plugin Language: P...

WordPress No External Links 3.5.17 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security Vulnerability Advisory ID: DC-2017-01-022 Advisory Title: WordPress No External Links Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress No External Links Plugi...

WordPress Tribulant Newsletters 4.6.4.2 XSS / File Disclosure

DefenseCode WebScanner DAST Advisory WordPress Tribulant Newsletters Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-012 Advisory Title: WordPress Tribulant Newsletters Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress...

WordPress Simple Slideshow Manager 2.2 Cross Site Scripting Vulnerability

WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities. Advisory Title: WordPress Simple Slideshow Manager Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Simple Slidesh...

WordPress Simple Slideshow Manager 2.2 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory WordPress Simple Slideshow Manager Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-02-016 Advisory Title: WordPress Simple Slideshow Manager Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software:...

WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection

WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security Vulnerability Advisory ID: DC-2017-01-009 Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerability Advisory URL:...

WordPress Huge-IT Video Gallery 2.0.4 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security Vulnerability Advisory ID: DC-2017-01-009 Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerability Advisory URL:...

WordPress Huge-IT Video Gallery 2.0.4 SQL Injection

DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security Vulnerability Advisory ID: DC-2017-01-009 Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Huge-IT...

WordPress AffiliateWP 2.0.8 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory WordPress AffiliateWP Plugin Security Vulnerability Advisory ID: DC-2017-05-05 Advisory Title: WordPress AffiliateWP Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress AffiliateWP Plugin Language: PHP...

WordPress All In One Schema.org Rich Snippets 1.4.1 XSS

DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...

WordPress Huge-IT Video Gallery plugin <=2.0.4 - SQL Injection vulnerability

SQL Injection vulnerability found by Neven Biruski DefenseCode in WordPress Huge-IT Video Gallery plugin version 2.0.4 and earlier versions. Solution Update WordPress Huge-IT Video Gallery plugin to the latest available version...

Chrome Browser Hack Opens Door to Credential Theft

A vulnerability in Google’s Chrome browser allows hackers to automatically download a malicious file onto a victim’s PC that could be used to steal credentials and launch SMB relay attacks. Bosko Stankovic, information security engineer at DefenseCode, found the flaw in the default configuration ...

WordPress WebDorado Gallery 1.3.29 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Source: http://www.defensecode.com/advisories/DC-2017-02-011WordPressWebDoradoGalleryPluginAdvisory.pdf DefenseCode ThunderScan SAST Advisory WordPress WebDorado Gallery Plugin - SQL Injection Vulnerability Advisory ID: DC-2017-02-011 Software...

'High Risk' Zero-Day Leaves 200,000 Magento Merchants Vulnerable

A popular version of the open source Magento ecommerce platform is vulnerable to a zero-day remote code execution vulnerability, putting as many as 200,000 online retailers at risk. The warning comes from security firm DefenseCode, which found and originally reported the vulnerability to Magento ...