Lucene search
K

7 matches found

0day.today
0day.today
added 2017/04/07 12:0 a.m.408 views

Moodle 2.x/3.x - SQL Injection Exploit

Exploit for php platform in category web applications Exploit: Moodle SQL Injection via Object Injection Through User Preferences Date: April 6th, 2017 Exploit Author: Marko Belzetski Contact: email protected Vendor Homepage: https://moodle.org/ Version: 3.2 to 3.2.1, 3.1 to 3.1.4, 3.0 to 3.0.8,...

7.5CVSS9.2AI score0.1453EPSS
Exploits4
ThreatPost
ThreatPost
added 2017/03/21 2:48 p.m.35 views

Critical Moodle Vulnerability Could Lead to Server Compromise

A critical vulnerability in Moodle, an open source PHP-based learning management system deployed across scores of schools and universities, could expose the server its running on to compromise. Tens of thousands of universities worldwide, including the California State University system, the...

7.5CVSS0.1AI score0.1453EPSS
Exploits4References15
Packet Storm
Packet Storm
added 2016/05/18 12:0 a.m.108 views

Magento Unauthenticated Arbitrary File Write

arbitrary write file // Date: 18/05/206 // Exploit Author: agix discovered by NETANEL RUBIN // Vendor Homepage: https://magento.com // Version: /shipping-information // in the response check the payment method it may vary from checkmo // // If you didn't provide whereToWrite, it will execute...

0.5AI score0.92869EPSS
Exploits10
OpenVAS
OpenVAS
added 2015/08/11 12:0 a.m.43 views

Debian Security Advisory DSA 3332-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affect yo...

7.5CVSS0.1AI score0.10986EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.34 views

Debian DSA-3183-1 : movabletype-opensource - security update

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

7.5CVSS6.3AI score0.75029EPSS
Exploits5References10
Packet Storm
Packet Storm
added 2014/02/03 12:0 a.m.54 views

MediaWiki 1.22.1 PdfHandler Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to params /extensions/PdfHandler/PdfHandlerbody.php --...

6CVSS0.8AI score0.42777EPSS
Exploits12
exploitpack
exploitpack
added 2014/02/01 12:0 a.m.49 views

MediaWiki 1.22.1 PdfHandler - Remote Code Execution

MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...

6CVSS0.8AI score0.42777EPSS
Exploits12
Rows per page
Query Builder