Lucene search
+L

10 matches found

Patchstack
Patchstack
added 2020/02/28 12:0 a.m.32 views

WordPress Booked premium plugin <= 2.2.5 - Broken Authentication vulnerability leading to Sensitive Information disclosure

Broken Authentication vulnerability leading to Sensitive Information disclosure discovered by Noman Riffat in WordPress Booked premium plugin versions = 2.2.5. Solution Update the WordPress Booked premium plugin to the latest available version at least 2.2.6...

2.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/02/10 12:0 a.m.16 views

WordPress Profile Builder plugin <= 3.1.0 - User Registration With Administrator Role vulnerability

User Registration With Administrator Role vulnerability found by Noman Riffat in WordPress Profile Builder plugin versions = 3.1.0. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.1.1...

3.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2020/02/10 12:0 a.m.11 views

WordPress Profile Builder Pro plugin <= 3.1.0 - User Registration With Administrator Role vulnerability

User Registration With Administrator Role vulnerability found by Noman Riffat in WordPress Profile Builder Pro plugin versions = 3.1.0. Solution Update the WordPress Profile Builder Pro plugin to the latest available version at least 3.1.1...

3.3AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2020/02/06 12:0 a.m.9 views

Ultimate Membership Pro plugin <= 8.6 - Multiple Critical Vulnerabilities

Multiple Critical Vulnerabilities found by Noman Riffat in Ultimate Membership Pro plugin versions = 8.6. Solution Update the Ultimate Membership Pro plugin to the latest available version at least 8.6.1...

2.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2020/01/19 12:0 a.m.10 views

WordPress Batch-Move Posts plugin <= 1.5 - Broken Authentication vulnerability leading to Unauthenticated Stored Cross-Site Scripting (XSS)

Broken Authentication vulnerability leading to Unauthenticated Stored Cross-Site Scripting XSS discovered Noman Riffat in WordPress Batch-Move Posts plugin versions = 1.5. Solution Plugin closed. Deactivate and delete...

2.4AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2019/11/14 12:0 a.m.274 views

Xfilesharing 2.5.1 Local File Inclusion / Shell Upload

Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...

8.7AI score0.45361EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.473 views

Xfilesharing 2.5.1 - Arbitrary File Upload

Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...

9.8CVSS8.9AI score0.45361EPSS
Exploits6
exploitpack
exploitpack
added 2019/09/19 12:0 a.m.66 views

Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution

Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, Nationa...

7.5CVSS0.07079EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/09/19 12:0 a.m.297 views

Western Digital My Book World II NAS 1.02.12 Hardcoded Credential

Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...

9.7AI score0.07079EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/19 12:0 a.m.493 views

Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution

Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...

9.8CVSS9.8AI score0.07079EPSS
Exploits5
Rows per page
Query Builder