8132 matches found
Oracle WebCenter Forms Recognition ActiveX Control Arbitrary File Creation (CVE-2012-1709)
A directory traversal vulnerability has been reported in Oracle WebCenter Forms Recognition. The vulnerability is due to insufficient validation of parameters used in certain methods in the CroProj.dll ActiveX control. A remote attacker can exploit this vulnerability by enticing a target user to...
WordPress MM Forms Community 2.2.6 File Upload
File upload vulnerability in WordPress MM Forms Community plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
http-sql-injection NSE Script
Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack. It also extracts forms from found websites and tries to identify fields that are vulnerable. The script spiders an HTTP server looking for URLs containing queries. It then proceeds to combine crafted...
CVE-2012-3574
Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...
CVE-2012-3574
The CVE-2012-3574 issue affects the WordPress MM Forms Community plugin (versions 2.2.5 and 2.2.6). A flaw in includes/doajaxfileupload.php allows unrestricted/arbitrary file uploads, enabling remote code execution by uploading a file with an executable extension and validating it via a request t...
http-form-fuzzer NSE Script
Performs a simple form fuzzing against forms found on websites. Tries strings and numbers of increasing length and attempts to determine if the fuzzing was successful. Script Arguments http-form-fuzzer.minlength the minimum length of a string that will be used for fuzzing, defaults to 300000...
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure
Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins : http://downloads.wordpress.org/plugin/easy-contact-forms-exporter.zip Date : 26-05-2012 Google Dork :...
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins :...
WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure
WordPress Easy Contact Forms Export plugin is prone to an information disclosure vulnerability. It allows an attacker to obtain sensitive information that may aid in further attacks. Solution Update the plugin...
WordPress Easy Contact Forms Export 1.1.0 File Disclosure
Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins : http://downloads.wordpress.org/plugin/easy-contact-forms-exporter.zip Date : 26-05-2012 Google Dork :...
ordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability
Exploit for php platform in category web applications Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins :...
Wordpress MM Forms plugin file upload vulnerability
Exploit for php platform in category web applications +----------------------------------------------------------------------+ Exploit Title: wordpress mmforms plugin file upload vulnerability Google Dork: inurl:/wp-content/plugins/mm-forms/ Date: 07/06/2012 Author: Tunisian spl01t3r Software Lin...
WordPress MM Forms Community 2.2.5 / 2.2.6 Shell Upload
Description : Wordpress Plugins - MM Forms Community Arbitrary File Upload Vulnerability Version : 2.2.5 - 2.2.6 Link : http://wordpress.org/extend/plugins/mm-forms-community/ Plugins : http://downloads.wordpress.org/plugin/mm-forms-community.zip Date : 24-05-2012 Google Dork :...
MM Forms & MM Forms Community 2.2.6 - Unauthenticated Arbitrary File Upload
Attackers have been seen probing for the "/wp-content/plugins/mm-forms/includes/doajaxfileupload.php" file. PoC PostShell.php "@$uploadfile"; curlsetopt$ch, CURLOPTRETURNTRANSFER, 1; $postResult = curlexec$ch; curlclose$ch; print "$postResult"; ? Shell Access :...
Wordpress MM Forms Community Plugin 2.2.6 Arbitrary File Upload
Exploit for php platform in category web applications Description : Wordpress Plugins - MM Forms Community Arbitrary File Upload Vulnerability Version : 2.2.5 - 2.2.6 Link : http://wordpress.org/extend/plugins/mm-forms-community/ Plugins :...
WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
MM Forms Community plugin is prone to an arbitrary file upload vulnerability. Restricted access to this script is not properly realized. In that way an attacker can to upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload
Description : Wordpress Plugins - MM Forms Community Arbitrary File Upload Vulnerability Version : 2.2.5 - 2.2.6 Link : http://wordpress.org/extend/plugins/mm-forms-community/ Plugins : http://downloads.wordpress.org/plugin/mm-forms-community.zip Date : 24-05-2012 Google Dork :...
WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload
WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload Description : Wordpress Plugins - MM Forms Community Arbitrary File Upload Vulnerability Version : 2.2.5 - 2.2.6 Link : http://wordpress.org/extend/plugins/mm-forms-community/ Plugins :...
WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
MM Forms Community plugin is prone to an arbitrary file upload vulnerability. Restricted access to this script is not properly realized. In that way an attacker can to upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
CVE-2012-2340
The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" permission to modify the module settings via unspecified vectors...