PT-2025-11003 · WordPress · Workreap

Name of the Vulnerable Software and Affected Versions: Workreap plugin for WordPress versions up to, and including, 3.2.5 Description: The issue is due to the plugin not properly validating a user's identity prior to performing a social auto-login or updating their profile details, such as the...

DeluxeBB <= 1.09 Remote Admin Email Change Exploit

Exploit for unknown platform in category web applications ================================================== DeluxeBB unbufferedquery"UPDATE ".$prefix."users SET email='$xemail', msn='$xmsn', icq='$xicq', ... WHERE username='$membercookie'"; So, editing cookie "membercookie" you can change remote...