8696 matches found

Prion
added 2018/08/28 5:29 p.m. | 15 views

Design/Logic Flaw

The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection...

CVSS 6.8 | AI score 8.8 | EPSS 0.01498
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2018/08/28 5:0 p.m. | 18 views

CVE-2018-15571

The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection...

AI score 8.8 | EPSS 0.01498
Exploits 1 | References 2
CVE
added 2018/08/28 5:0 p.m. | 48 views

CVE-2018-15571

The CVE-2018-15571 entry concerns the WordPress Export Users to CSV plugin (versions up to 1.1.1). The connected documents confirm a CSV injection vulnerability in the plugin, enabling an attacker to craft CSV fields that execute commands when a CSV file is opened by a user with sufficient privil...

CVSS 8.6 | AI score 8.7 | EPSS 0.01498
Exploits 1 | References 2 | Affected Software 1
CNVD
added 2018/08/22 12:0 a.m. | 2 views

Arbitrary File Deletion Vulnerability in LibreHealthIO LH-EHR

LibreHealthIO LH-EHR is an open source electronic health record and medical practice management application. An arbitrary file deletion vulnerability exists in the export template in the LibreHealthIO LH-EHR REL-2.0.0 release. An attacker can exploit this vulnerability to cause a denial of servic...

CVSS 7.1 | AI score 6.9 | EPSS 0.01467
Exploits 1 | References 1
CNVD
added 2018/08/22 12:0 a.m. | 0 views

Arbitrary File Write Vulnerability in LibreHealthIO LH-EHR

LibreHealthIO LH-EHR is an open source electronic health record and medical practice management application. An arbitrary file write vulnerability exists in the export template in the LibreHealthIO LH-EHR REL-2.0.0 release. An attacker can exploit this vulnerability to write files with malicious...

CVSS 8.8 | AI score 8.9 | EPSS 0.03286
Exploits 1 | References 1
CNVD
added 2018/08/21 12:0 a.m. | 2 views

Wordpress Plugin Ninja Forms CSV Injection Vulnerability

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Software Foundation, which supports personal blog sites on servers with PHP and MySQL. Ninja Forms is the ultimate free form creation tool for WordPress. A CSV injection vulnerability exists in WordPress Nin...

AI score 7.4
Exploits 0 | References 1
Exploit DB
added 2018/08/21 12:0 a.m. | 51 views

WordPress Plugin Ninja Forms 3.3.13 - CSV Injection

Exploit Title: Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection Exploit Author: Mostafa Gharzi Website: https://www.certcc.ir Date: 2018-08-19 Google Dork: N/A Vendor: The WP Ninjas Software Link: https://wordpress.org/plugins/ninja-forms/ Affected Version: 3.3.13 and before Active...

AI score 7.4
Exploits 0
exploitpack
added 2018/08/16 12:0 a.m. | 19 views

WordPress Plugin Export Users to CSV 1.1.1 - CSV Injection

WordPress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Title: Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-14 Google Dork: N/A Vendor: Matt Cromwell Software Link:...

AI score 0.3
Exploits 0
Packet Storm
added 2018/08/16 12:0 a.m. | 29 views

WordPress Export Users To CSV 1.1.1 CSV Injection

Exploit Title: Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-14 Google Dork: N/A Vendor: Matt Cromwell Software Link: https://wordpress.org/plugins/export-users-to-csv/ Affected Version: 1.1.1 and before Acti...

Exploits 0
0day.today
added 2018/08/16 12:0 a.m. | 34 views

Wordpress Export Users to CSV 1.1.1 Plugin - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Matt Cromwell Software Link: https://wordpress.org/plugins/export-users-to-csv/ Affected Version:...

AI score 0.2
Exploits 0
wpexploit
added 2018/08/16 12:0 a.m. | 14 views

Export Users to CSV <= 1.1.1 - CSV Injection

WordPress Export Users to CSV plugin versions 1.1.1 and before are affected by remote code execution through a CSV injection vulnerability. This allows an application user to inject commands into the fields of their profile, and these commands are executed when a user with greater privilege...

CVSS 6.8 | AI score 1.1 | EPSS 0.01498
Exploits 1 | References 2
Exploit DB
added 2018/08/16 12:0 a.m. | 27 views

WordPress Plugin Export Users to CSV 1.1.1 - CSV Injection

Exploit Title: Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-14 Google Dork: N/A Vendor: Matt Cromwell Software Link: https://wordpress.org/plugins/export-users-to-csv/ Affected Version: 1.1.1 and before Acti...

AI score 7.4
Exploits 0
Microsoft KB
added 2018/08/14 7:0 a.m. | 90 views

August 14, 2018—KB4343892 (OS Build 10240.17946)

August 14, 2018—KB4343892 OS Build 10240.17946 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections against a new speculative execution side-channel vulnerability known as ...

CVSS 9.3 | AI score 7.8 | EPSS 0.68242
Exploits 14
Metasploit
added 2018/08/07 6:56 p.m. | 18 views

Serve DLL via webdav server

This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module creates a WebDAV server that hosts a DLL file. When the user types the provided rundll32 command on a system, rundll32 will load the DLL remotely and execute the provided export function. The export...

AI score 7.4
Exploits 0
OSV
added 2018/08/03 7:29 p.m. | 4 views

CVE-2018-5490

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...

CVSS 8.8 | AI score 5.7
Exploits 0 | References 1
NVD
added 2018/08/03 7:29 p.m. | 20 views

CVE-2018-5490

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...

CVSS 8.8 | AI score 8.6 | EPSS 0.00861
Exploits 0 | References 1
IBM Security Bulletins
added 2018/08/03 4:23 a.m. | 28 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i, Rational Developer for AIX and Linux, and Rational Developer for Power Systems Software (CVE-2015-0138, CVE-2015-0410, CVE-2015-0400, CVE-2014-6593)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7 that are used by Rational Developer for i, Rational Developer for AIX and Linux, and Rational Developer for Power Systems Software. These issues were disclosed as part of the IBM Java SDK updates in...

CVSS 5 | AI score 0.9 | EPSS 0.67234
Exploits 5 | Affected Software 3
Packet Storm
added 2018/08/02 12:0 a.m. | 25 views

TI Online Examination System 2 Arbitrary File Download

Exploit Title: TI Online Examination System v2 - Arbitrary File Download Dork: N/A Date: 02.08.2018 Exploit Author: Özkan Mustafa Akkuş (AkkuS) Vendor Homepage: https://codecanyon.net/item/ti-online-examination-system-v2/11248904 Version: 2.0 Category: Webapps Tested on: Kali Linux Description : Th...

AI score 7.4
Exploits 0
CNVD
added 2018/08/01 12:0 a.m. | 5 views

Foxit Reader Arbitrary File Write Remote Code Execution Vulnerability (CNVD-2018-15093)

Foxit Reader (formerly Foxit PDF Reader) is software for reading PDF files, developed by Fujian Foxit Software. Foxit Reader is free to use and runs mainly on Microsoft Windows, and as long as there is a Win32 implementation of the...

CVSS 8.8 | AI score 8.8 | EPSS 0.02773
Exploits 0 | References 1
OSV
added 2018/07/31 8:29 p.m. | 3 views

CVE-2018-14280

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 8.8 | AI score 6.2
Exploits 0 | References 2