Quick CMS 6.7 Shell Upload

Title : Authenticated Shell Upload Product : Quick CMS Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window & Linux Date : 11/06/2024 Report : Already contact the vendor but no response Affected path : admin.php , core/common-admin.php,...

Quick Cart 6.7 Shell Upload

Title : Authenticated Remote Code Execution & Shell Upload Product : Quick Cart Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window & Linux Date : 11/06/2024 Affected path : admin.php , core/common-admin.php, database/config.php Affected function :...

WordPress MapifyLife plugin <= 3.3.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Eagle Eye in WordPress MapifyLife plugin versions = 3.3.0. Solution 2021-04-09 - we were unable to find a patched version of this plugin...

WordPress Super Store Finder premium plugin <= 6.3 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by Eagle Eye in WordPress Super Store Finder premium plugin versions = 6.3. Solution Plugin vendor claims that vulnerability is patched in version 6.4...

WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection Vulnerability

?php Title : SuperStoreFinder & SuperInteractiveMaps Wordpress Plugin SQL Injection Researcher : Eagle Eye Exploit Name : SSF & SIM SQL Injection Request type : POST Plugin Author : Joe lz Plugin Website : https://superstorefinder.net/ Version Affected : All version include latest 6.3 Tested on :...