10 matches found
WordPress Booked premium plugin <= 2.2.5 - Broken Authentication vulnerability leading to Sensitive Information disclosure
Broken Authentication vulnerability leading to Sensitive Information disclosure discovered by Noman Riffat in WordPress Booked premium plugin versions = 2.2.5. Solution Update the WordPress Booked premium plugin to the latest available version at least 2.2.6...
WordPress Profile Builder plugin <= 3.1.0 - User Registration With Administrator Role vulnerability
User Registration With Administrator Role vulnerability found by Noman Riffat in WordPress Profile Builder plugin versions = 3.1.0. Solution Update the WordPress Profile Builder plugin to the latest available version at least 3.1.1...
WordPress Profile Builder Pro plugin <= 3.1.0 - User Registration With Administrator Role vulnerability
User Registration With Administrator Role vulnerability found by Noman Riffat in WordPress Profile Builder Pro plugin versions = 3.1.0. Solution Update the WordPress Profile Builder Pro plugin to the latest available version at least 3.1.1...
Ultimate Membership Pro plugin <= 8.6 - Multiple Critical Vulnerabilities
Multiple Critical Vulnerabilities found by Noman Riffat in Ultimate Membership Pro plugin versions = 8.6. Solution Update the Ultimate Membership Pro plugin to the latest available version at least 8.6.1...
WordPress Batch-Move Posts plugin <= 1.5 - Broken Authentication vulnerability leading to Unauthenticated Stored Cross-Site Scripting (XSS)
Broken Authentication vulnerability leading to Unauthenticated Stored Cross-Site Scripting XSS discovered Noman Riffat in WordPress Batch-Move Posts plugin versions = 1.5. Solution Plugin closed. Deactivate and delete...
Xfilesharing 2.5.1 Local File Inclusion / Shell Upload
Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...
Xfilesharing 2.5.1 - Arbitrary File Upload
Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, Nationa...
Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...