WordPress 4.7.0 / 4.7.1 Plugin Insert PHP - PHP Code Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection Exploit Author: sucuri.net @sucurisecurity Date: 2017-02-09 Google Dork : inurl:/wp-content/plugins/insert-php/ Vendor Homepage:...

WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection

Exploit Title: WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection Exploit Author: sucuri.net @sucurisecurity Date: 2017-02-09 Google Dork : inurl:/wp-content/plugins/insert-php/ Vendor Homepage: https://fr.wordpress.org/plugins/insert-php/ Tested on: MSWin32 Version: 3.3.1 Explanation :...

WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection

WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection Exploit Title: WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection Exploit Author: sucuri.net @sucurisecurity Date: 2017-02-09 Google Dork : inurl:/wp-content/plugins/insert-php/ Vendor Homepage:...

CVE-2017-3281

Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

Buffer overflow

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters . Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2016-8306

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2016-8282

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2016-8323

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2017-3314

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 12.0.0, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

MariaDB Server 10.1.x < 10.1.21 Multiple Vulnerabilities

Binary data 9915.prm...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2017-01022)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Oracle One-to-One Fulfillment is one of the...

openWYSIWYG Insert Image 1.4.7 Arbitrary File Upload Vulnerability

openWYSIWYG Insert Image version 1.4.7 suffers from a remote arbitrary unauthenticated file upload vulnerability Exploit Title: openWYSIWYG | Insert Image v1.4.7 / Unauthenticated File Upload Date: 2017-1-15 Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Home :...

libreoffice: Heap-buffer-overflow in tools::Polygon::Insert

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6633131901714432 Project: libreoffice Fuzzer: libFuzzerlibreofficewmffuzzer Fuzz target binary: wmffuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...

Spoofing Via Manifest

borgbackup is vulnerable to spoofing attacks. It does not verify the manifest, allowing an attacker to spoof. To exploit the vulnerability, it requires an attacker to be able to insert files with no additional headers into backups, and have write access to the repository. This vulnerability does...

Apple macOS 10.12.2 iOS 10.2 - _kernelrpc_mach_port_insert_right_trap Kernel Reference Count Leak Use-After-Free

Apple macOS 10.12.2 iOS 10.2 - kernelrpcmachportinsertrighttrap Kernel Reference Count Leak Use-After-Free / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=941 Proofs of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/40956.zip The...

Microsoft Internet Explorer 9 - MSHTML CDisp­Node::Insert­Sibling­Node Use-After-Free (MS13-037) (1)

Microsoft Internet Explorer 9 - MSHTML CDisp­Node::Insert­Sibling­Node Use-After-Free MS13-037 1 window.onload=functionlocation.reload;; text .float float:left; .zoom zoom:3000%; .border::first-letter...

WordPress Plugin Insert Html Snippet Cross-Site Request Forgery Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . A cross-site request forgery vulnerability exists in Wordpress plugin Insert Html Snippet version 1.2. The...

WordPress Insert Html Snippet 1.2 Cross Site Request Forgery Vulnerability

WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability. ------------------------------------------------------------------------ Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin...

WordPress Insert Html Snippet 1.2 Cross Site Request Forgery

------------------------------------------------------------------------ Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Oracle Solaris Component

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in the Bash subcomponent of the Oracle Solaris component version 10 of the Oracle Sun Systems Products Suite. An...