4 matches found
Cross site scripting
The Target First WordPress Plugin v2.0, also previously known as Watcheezy, suffers from a critical unauthenticated stored XSS vulnerability. An attacker could change the licence key value through a POST on any URL with the 'weeWzKey' parameter that will be save as the 'weeID option and is not...
CVE-2021-24305 Target First Plugin 2.0 - Unauthenticated Stored XSS via Licence Key
The Target First WordPress Plugin v2.0, also previously known as Watcheezy, suffers from a critical unauthenticated stored XSS vulnerability. An attacker could change the licence key value through a POST on any URL with the 'weeWzKey' parameter that will be save as the 'weeID option and is not...
Target First Plugin 2.0 - Unauthenticated Stored XSS via Licence Key
The Target First WordPress Plugin, also previously known as Watcheezy, suffered from a critical unauthenticated stored XSS vulnerability. An attacker could change the licence key value through a POST on any URL with the "weeWzKey" parameter that will be save as the "weeID" option. The input value...
FTPShell Server 4.3 - Licence Key Remote Buffer Overflow (PoC)
!/usr/bin/perl Title: FTPShell Server 4.3 licence key Remote Buffer Overflow PoC Summary: FTPShell server is a windows FTP service that enables remote file downloads and uploads. It supports regular and secure FTP based on both SSL/TLS and SSH2. It is also extremely easy to configure and use...