5 matches found
WooCommerce Catalog Enquiry - Arbitrary File Upload
Email from user: "A 'fix' for the file upload vulnerability seems to have been introduced in version 3.0.2 with the cryptic description "Fixed some data issues." However, I hope you're aware that the vulnerability still exists and can be exploited by simply changing Content-Type in the HTTP reques...
CVE-2014-5120
gdctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5)...
simple forum 3.2 (fd/xss) Multiple Vulnerabilities
No description provided by source. SIMPLE FORUM v 3.2 MULTIPLE VULNERABILITIES author : tomplixsee my email : [email protected] software : SIMPLE FORUM v3.2 download : http://www.gerd-tentler.de/tools/forum/ 1.XSS vulnerable code on forum.php ? ..... ifisset$REQUEST'dateshow' $dateshow =...
simple32-xss.txt
SIMPLE FORUM v 3.2 MULTIPLE VULNERABILITIES author : tomplixsee my email : [email protected] software : SIMPLE FORUM v3.2 download : http://www.gerd-tentler.de/tools/forum/ 1.XSS vulnerable code on forum.php " " ..... example: http://target/path/forum.php?open="/alertdocument.cookie...
Simple Forum 3.2 - File Disclosure Cross-Site Scripting
SIMPLE FORUM v 3.2 MULTIPLE VULNERABILITIES author : tomplixsee my email : [email protected] software : SIMPLE FORUM v3.2 download : http://www.gerd-tentler.de/tools/forum/ 1.XSS vulnerable code on forum.php " " ..... example:...