DOKEOS ce30 Authentication Bypass

Advisory ID: HTB23289 Product: DOKEOS Vendor: DOKEOS Vulnerable Versions: ce30 and probably prior Tested Version: ce30 Advisory Publication: January 7, 2016 without technical details Vendor Notification: January 7, 2016 Public Disclosure: February 17, 2016 Vulnerability Type: Improper...

WordPress WP Membership 1.2.3 Cross Site Scripting

Exploit Title: WordPress WP Membership plugin Stored XSS Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE: CVE-2015-4039...