6 matches found
WordPress Formidable Form Builder plugin <= 4.09.04 - Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Maximilian Barz in WordPress Formidable Form Builder plugin versions = 4.09.04. Solution Update the WordPress Formidable Form Builder plugin to the latest available version at least 4.09.05...
Macally WIFISD2-2A82 2.000.010 Privilege Escalation
Exploit Title: Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation Date: 03.12.2020 Exploit Author: Maximilian Barz and Daniel Schwendner Vendor Homepage: https://us.macally.com/products/wifisd2 Version: 2.000.010 Tested on: Kali Linux 5.7.0-kali1-amd64 CVE : CVE-2020-29669...
Exploit for Improper Authentication in Macally Wifisd2-2A82_Firmware
PoC exploit for CVE-2020-29669, an arbitrary file upload vulnera...
Tiki Wiki CMS Groupware 21.1 Authentication Bypass
Exploit Title: Tiki Wiki CMS Groupware 21.1 - Authentication Bypass Date: 01.08.2020 1st August 2020 Exploit Author: Maximilian Barz aka. Silky Vendor Homepage: tiki.org Software Link: https://jztkft.dl.sourceforge.net/project/tikiwiki/Tiki21.xUYScuti/21.1/tiki-21.1.zip Version: 21.1 Tested on:...
Tiki Wiki CMS Groupware 21.1 - Authentication Bypass
Exploit Title: Tiki Wiki CMS Groupware 21.1 - Authentication Bypass Date: 01.08.2020 1st August 2020 Exploit Author: Maximilian Barz aka. Silky Vendor Homepage: tiki.org Software Link: https://jztkft.dl.sourceforge.net/project/tikiwiki/Tiki21.xUYScuti/21.1/tiki-21.1.zip Version: 21.1 Tested on:...
Exploit for Improper Restriction of Excessive Authentication Attempts in Tiki
CVE-2020-15906 Writeup of CVE-2020-15906. Special Thanks to Fr...