Responsive Filemanager 9.13.1 - Server-Side Request Forgery

Exploit Title: Responsive filemanager 9.13.1 - Server-Side Request Forgery Date: 2018-07-29 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: http://responsivefilemanager.com/ Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.13.1/responsivefilemanager.zip...

WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "WordPress Responsive Thumbnail Slider Arbitrary File Upload", 'Description' = %q This module exploits an arbitrary file upload vulnerability in...

WordPress Responsive Thumbnail Slider Plugin - Arbitrary File Upload Exploit

Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "WordPress Responsive Thumbnail Slider Arbitrary File Upload", 'Description' = %q This module...

WordPress Responsive Thumbnail Slider Arbitrary File Upload

This module exploits an arbitrary file upload vulnerability in Responsive Thumbnail Slider Plugin v1.0 for WordPress post authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "WordPre...

responsive-shop.com XSS vulnerability

Open Bug Bounty ID: OBB-646087 Description| Value ---|--- Affected Website:| responsive-shop.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2017-7783

If a long user name is used in a username/password combination in a site URL such as " http://UserName:[email protected]", the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox 55...

CVE-2017-5419

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service DOS attack. This vulnerability affects Firefox 52 and Thunderbird 52...

CVE-2017-5419

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service DOS attack. This vulnerability affects Firefox 52 and Thunderbird 52...

PrestaShop Responsive Mega Menu Pro Module SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop. The solution provides a variety of payment methods , short message alerts and product image scaling and other features.Attribute Wizard addon is one of the product attribute add module.Responsive Mega Menu...

CVE-2018-8824

modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter...

Sql injection

modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter...

CVE-2018-8824

The vulnerability CVE-2018-8824 affects the PrestaShop Responsive Mega Menu Pro module version 1.0.32 (for PrestaShop 1.5.5.0–1.7.2.5). The issue is a SQL injection in modules/bamegamenu/ajax_phpcode.php exposed via the code parameter, reported across multiple sources (NVD, CNVD, OSV, OpenVAS) as...

WordPress Responsive Cookie Consent plugin <=1.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found in WordPress Responsive Cookie Consent plugin versions =1.7. Solution Update the WordPress Responsive Cookie Consent plugin to the latest available version at least 1.8...

CVE-2018-10309

The CVE-2018-10309 entry describes an XSS in the WordPress plugin Responsive Cookie Consent prior to version 1.8. Concrete details from connected sources show the vulnerability stems from mishandling numeric fields, allowing injected HTML/Script to execute in a victim’s browser when visiting the ...

VX Search 10.6.18 - directory Local Buffer Overflow

VX Search 10.6.18 - directory Local Buffer Overflow !/usr/bin/python Title: VX Search 10.6.18 Local Buffer Overflow Author: Kevin McGuigan Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: http://www.vxsearch.com Version: 10.6.18 Date: 18/04/2018 Tested on: Windows 7...

Arbitrary Code Execution Vulnerability in the HTML5 Responsive Website Building System of Huizhou Fire Phoenix Network Technology Co.

Huizhou Fire Phoenix Network Technology Co., Ltd. provides one-stop website production, website promotion, APP development, WeChat development, data analysis, software development, dynamic creative, cell phone website, Taobao store permanent code decoration, FLASH animation, to program developmen...

CVE-2018-8823

modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter...

Rainmap Lite - Responsive Web Based Interface That Allows Users To Launch Nmap Scans From Their Mobiles/Tablets/Web Browsers

Rainmap Lite - Responsive web application that allows users to launch Nmap scans from their mobiles/tablets/web browsers! Unlike it's predecessor 1, Rainmap-lite does not require special services RabbitMQ, PostgreSQL, Celery, supervisor, etc to make it easy to install on any server. You simply ne...

StaCoAn - Crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL's of API's Decryption keys Major coding...

CVE-2018-1000131

Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site,...