WordPress Custom Contact Forms Plugin <= 5.1.0.3 - Database Import/Export

This plugin is prone to a database import/export vulnerabilities. Solution Update the plugin...

CVE-2015-1673

The Windows Forms aka WinForms libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."...

Privilege escalation

The Windows Forms aka WinForms libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."...

CVE-2015-1673

CVE-2015-1673 affects the Windows Forms (WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2. It is described as a memory-handling vulnerability in WinForms that, when a crafted partial-trust application is used, allows a user-assisted remote att...

CVE-2015-1673

The Windows Forms aka WinForms libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."...

Microsoft .NET Framework Privilege Elevation Vulnerability (3057134)

This host is missing an important security update according to Microsoft Bulletin MS15-048. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-048: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities : - A denial of service vulnerability exists in the Microsoft .NET Framework due to a recursion flaw that occurs when decrypting XML data. A remote attacker can exploit this,...

CakePHP 3.0.4 Released

CakePHP 3.0.4 Released The CakePHP core team is happy to announce the immediate availability of CakePHP 3.0.4. This is a maintenance release that contains security fixes and bugfixes. Security Fixes There are two issues that can impact the security of a CakePHP application: CsrfComponent fails to...

Drupal Smart Trim Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP. Smart Trim Module for Drupal is a module application for Drupal. The Drupal Smart Trim Module for Drupal handles cross-site scripting vulnerabilities in field setup forms, allowing remote attackers to exploit the...

WordPress NEX-Forms 3.0 SQL Injection

SQL Injection vulnerability in WordPress NEX-Forms plugin nexformsId parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Multiple Cross-Site Scripting Vulnerabilities in SearchBlox

SearchBlox is the U.S. SearchBlox company a set of open source and free of charge based on Lucene full-text search engine toolkit to build enterprise search and analytics solutions. The program provides a Web-based management interface , you can manage the entire search system . A cross-site...

WordPress NEX-Forms 3.0 SQL Injection

Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : https://wordpress.org/plugins/nex-forms-express-wp-form-builder/ Software Link :...

WordPress Plugin NEX-Forms 3.0 - SQL Injection

WordPress Plugin NEX-Forms 3.0 - SQL Injection Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...

Wordpress NEX-Forms 3.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...

WordPress Plugin NEX-Forms &lt; 3.0 - SQL Injection

Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : https://wordpress.org/plugins/nex-forms-express-wp-form-builder/ Software Link :...

WordPress NEX-Forms 3.0 SQL Injection

AUTOR SCRIPT: Cleiton Pinheiro / Nick: googleINURL Exploit name: MINI 3xplo1t-SqlMap - WordPress NEX-Forms 3.0 SQL Injection Vulnerability Type: SQL Injection Email: [email protected] Blog: http://blog.inurl.com.br Twitter: https://twitter.com/googleinurl Fanpage: https://fb.com/InurlBrasil...

WordPress NEX-Forms <= 2.9 - SQL Injection

This WordPress NEX-Forms plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

NEX-Forms - Ultimate Form builder <= 3.0 - SQL Injection

The NEX-Forms – Ultimate Form Builder – Contact forms and much more WordPress plugin was affected by an Ultimate Form builder = 3.0 - SQL Injection security vulnerability...

Ninja Forms <= 2.9.10 - Cross-Site Scripting (XSS)

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

Moodle 2.0.x < 2.0.5 / 2.1.x < 2.1.2 Multiple Vulnerabilities

Binary data 8713.prm...