192 matches found
WordPress RB Agency Plugin Local File Disclosure Vulnerability
WordPress RB Agency Plugin is prone to local file disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Plugin RB Agency 2.4.7 - Local File Disclosure
WordPress Plugin RB Agency 2.4.7 - Local File Disclosure Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure Exploit Author : Persian Hack Team Vendor Homepage : http://rbplugin.com/ Category Webapps Tested on Win Version : 2.4.7 Date 2016/09/03 PoC The Vulnerable page is...
WordPress RB Agency 2.4.7 Plugin - Local File Disclosure
Exploit for php platform in category web applications Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure Exploit Author : Persian Hack Team Vendor Homepage : http://rbplugin.com/ Category Webapps Tested on Win Version : 2.4.7 Date 2016/09/03 PoC The Vulnerable page is...
WordPress Plugin RB Agency 2.4.7 - Local File Disclosure
Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure Exploit Author : Persian Hack Team Vendor Homepage : http://rbplugin.com/ Category Webapps Tested on Win Version : 2.4.7 Date 2016/09/03 PoC The Vulnerable page is /ext/forcedownload.php...
WordPress RB Agency 2.4.7 File Disclosure
Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure Exploit Author : Persian Hack Team Vendor Homepage : http://rbplugin.com/ Category Webapps Tested on Win Version : 2.4.7 Date 2016/09/03 PoC The Vulnerable page is /ext/forcedownload.php...
WordPress RB Agency Plugin 2.4.7 - Local File Disclosure
A Local File Disclosure vulnerability was found in WordPress RB Agency 2.4.7. It allows remote attackers to see the path to the webroot/file. Solution Update RB Agency Plugin to the latest version...
FanApp v2 for RB Leipzig - Customized SSL, Dynamic Code Loading, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application FanApp v2 for RB Leipzig published at the 'play' market has multiple vulnerabilities...
RubyGems xaviershay-dm-rails 'storage.rb' MySQL Information Disclosure Vulnerability
RubyGems xaviershay-dm-rails is a Ruby application. A security vulnerability in RubyGems xaviershay-dm-rails 'storage.rb' allows remote attackers to exploit a vulnerability to obtain sensitive MySQL authentication credential information...
Suning a backstage bypass arbitrary file upload-vulnerability warning-the black bar safety net
http://58.213.19.68/users/signin Suning Plaza phone the client back-end management system http://58.213.19.68/users/signup you can register for an account Then login ! Snip2015010713. png Point into the background is not entitled to limit access, but the system using rb to develop The error...
Design/Logic Flaw
The 1 shellexec function in lib/util/MiqSshUtilV1.rb and 2 tempcmdfile function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...
Fedora 20 : ReviewBoard-1.7.22-2.fc20 (2014-3446)
New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...
CVE-2013-2209
The CVE-2013-2209 entry corresponds to a Cross-Site Scripting (XSS) in the auto-complete widget (reviews.js) of Review Board. Affected versions are Review Board 1.6.x prior to 1.6.17 and 1.7.x prior to 1.7.10, where an attacker could inject arbitrary script/HTML via the full name. Public details ...