Fedora 24 : wordpress (2016-d9bd0c4830)
WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. See the Release announcement --- Packaging changes - provide nginx configuration - drop mandatory dependency on httpd only suggested and modphp...
Tiki Wiki Unauthenticated File Upload Vulnerability
This module exploits a file upload vulnerability in Tiki Wiki = 15.1 which could be abused to allow unauthenticated users to execute arbitrary code under the...
Ultimate Member < 1.3.65 - Local File Inclusion
It was discovered that Ultimate Member is vulnerable to PHP File Inclusion. In order to exploit this issue an attacker must be able to place an arbitrary PHP file on the target system. Afterwards the attacker needs to lure an authenticated admin to visit a malicious page. Through CSRF the attacke...
Dswjcms /Lib/Action/Home/CenterAction.class.php SQL injection
No description provided by source...
Nextcloud: Avatar image upload and bypass real image verification
Hi, we can bypass the avatar upload image verification and extension check by uploading a PHP file (or any other extension) bound to a valid JPEG image. There is no risk for the moment because the avatar is renamed to avatarupload on the remote server, but it'll be nice to secure this part of the code. Example...
Kechuang interconnection CMS /cctrl/admin/news/contShow.php file id parameter SQL injection vulnerability
No description provided by source...
VulnCheck KEV: CVE-2016-15043
The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may...
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product: ======================= AjaxExplorer v1.10.3.2 Manage server files through simple windows...
AjaxExplorer 1.10.3.2 CSRF / XSS / Command Execution
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AJAXEXPLORER-REMOTE-CMD-EXECUTION.txt + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product:...
Fanwe O2O /mapi/Lib/core/common.php sensitive information leak
No description provided by source...
ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE
The ManageEngine Desktop Central application running on the remote host is version 8, or else version 9 prior to build 91100. It is, therefore, affected by multiple remote code execution vulnerabilities : - A flaw exists in the statusUpdate script due to a failure to properly sanitize user-suppli...
osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery
Advisory ID: HTB23284 Product: osCommerce Vendor: osCommerce Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: February 17, 2016 Vulnerability Type: PHP Fi...
WordPress Newsletter Pro 2.5.3.3 Open Redirect
Exploit Title: WordPress Newsletter Pro Plugin Open Redirect; Exploit Author: Ashiyane Digital Security Team; Vendor Homepage: http://www.thenewsletterplugin.com/downloads; Google Dork: inurl:newsletter-pro/do.php; Date: 06 Feb. 2016; Tested On: Win 10 | CyberFox Browser &...
PHP File Manager 0.9.8 Authentication Bypass / Code Execution
PHP File Manager 0.9.8 http://phpfm.sourceforge.net/ is vulnerable to authentication bypass due to insecure implementation of register globals emulation. An attacker is able to override the blockKeys array and thus build a valid session and access all the protected functionality including executi...
WordPress Tubepress 2 Cross Site Scripting
Exploit Title: WordPress Tubepress Plugin v2 Cross Site Scripting; Exploit Author: Ashiyane Digital Security Team; Vendor Homepage: https://wordpress.org/plugins/tubepress/; Date: 13 Jan 2016; Tested On: Win 10 | CyberFox Browser & Kali Linux | IceWeasel...
Zen Cart 1.5.4 - Local File Inclusion
Zen Cart 1.5.4 - Local File Inclusion Advisory ID: HTB23282 Product: Zen Cart Vendor: Zen Ventures, LLC Vulnerable Versions: 1.5.4 Tested Version: 1.5.4 Advisory Publication: November 25, 2015 without technical details Vendor Notification: November 25, 2015 Vendor Patch: November 26, 2015 Public...
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor...
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion
Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 25, 2015...
bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability
bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability. Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details...
bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability
bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability. Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: Novemb...