WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Lorenzo Camilli in WordPress Plugin Contest Gallery versions = 28.0.0...

BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)

Exploit for windows platform in category remote exploits Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7...

Openconstructor CMS 3.12.0 - &#039;id&#039; Multiple SQL Injections

Title: Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities Affected Software: http://www.openconstructor.org/ http://code.google.com/p/openconstructor/downloads/list http://esectorsolutions.com/about/whats-new/esector-news/detailed/?id=234 Description: Openconstructor...

[SA19096] Aztek Forum Message Body Script Insertion Vulnerability

TITLE: Aztek Forum Message Body Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19096 VERIFY ADVISORY: http://secunia.com/advisories/19096/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Aztek Forum http://secunia.com/product/4254/ DESCRIPTION: loren...

Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)

No description provided by source. /==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the...