WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Lin...

WordPress WP Fanzone 3.1 SQL Injection

Exploit Title : Built with WordPress and WP FanZone Themes 3.1 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/01/2020 Vendor Homepage : wordpress.org - wpdevshed.com/wp-fanzone-theme/ Software Download Link :...

CVE-2015-9492

CVE-2015-9492 affects ThemeMakers SmartIT Premium Responsive theme for WordPress (up to 2015-05-15). The vulnerability allows remote attackers to disclose sensitive user data (user_login, user_pass, user_email) by requesting the file wp-content/uploads/tmm_db_migrate/wp_users.dat. The root cause ...

CVE-2015-9491

The CVE-2015-9491 entry concerns ThemeMakers Blessing Premium Responsive theme for WordPress (

CVE-2015-9489

The CVE-2015-9489 entry concerns ThemeMakers Goodnex Premium Responsive theme for WordPress (through 2015-05-15). The connected documents specify that the vulnerability allows remote attackers to obtain sensitive information (user_login, user_pass, user_email) by directly requesting the file wp-c...

CVE-2015-9488

The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information such as userlogin, userpass, and useremail values via a direct request for the wp-content/uploads/tmmdbmigrate/wpusers.dat URI...

CVE-2015-9485

The CVE-2015-9485 entry concerns ThemeMakers Accio Responsive Parallax One Page Site Template for WordPress (pre-2015-05-15). Affected component/processes allow remote attackers to retrieve sensitive credentials by directly requesting wp-content/uploads/tmm_db_migrate/wp_users.dat, leading to exp...

CVE-2014-10388

CVE-2014-10388 affects the WordPress plugin wp-support-plus-responsive-ticket-system prior to version 4.2. Multiple connected sources (RH, NVD, CVE lists, WPVulnDB) consistently describe a full path disclosure vulnerability in this plugin, enabling disclosure of server file paths. Public details ...

CVE-2018-20794

CVE-2018-20794 affects tecrail Responsive FileManager (version 9.13.4). The flaw is a path traversal in the save_img action of ajax_calls.php, enabling remote attackers to write to arbitrary image files (jpg/jpeg/png). The issue originates from how the path parameter is handled, allowing modifica...

Joomla LightGallery 1.2.1 SQL Injection

Exploit Title : Joomla LightGallery Components 1.2.1 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : joompolitan.com Software Download Link : joompolitan.com/lightgallery.html...

CVE-2018-16780

CVE-2018-16780 affects Complete Responsive CMS Blog up to 2018-05-20 and is due to an XSS via user comments. The available documents confirm the vulnerability type but do not provide product version details, exact vulnerable components, root cause specifics, exploit information, or remediation st...

Responsive Filemanager 9.13.1 - Server-Side Request Forgery

Responsive Filemanager 9.13.1 - Server-Side Request Forgery Exploit Title: Responsive filemanager 9.13.1 - Server-Side Request Forgery Date: 2018-07-29 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: http://responsivefilemanager.com/ Software Link:...

Advance Loan Management System - id SQL Injection

Advance Loan Management System - id SQL Injection Exploit Title: Advance Loan Management System - 'id' SQL Injection Date: 2018-01-31 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/ Software Link:...

CVE-2017-12977

CVE-2017-12977 affects the Web-Dorado Photo Gallery by WD – Responsive Photo Gallery WordPress plugin prior to 1.3.51. The vulnerability is a SQL injection in bwg_edit_tag() (photo-gallery.php) and edit_tag() (admin/controllers/BWGControllerTags_bwg.php) that is exploitable by administrators via ...

WordPress WebDorado Gallery 1.3.29 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Source: http://www.defensecode.com/advisories/DC-2017-02-011WordPressWebDoradoGalleryPluginAdvisory.pdf DefenseCode ThunderScan SAST Advisory WordPress WebDorado Gallery Plugin - SQL Injection Vulnerability Advisory ID: DC-2017-02-011 Software...

mosh - Mobile Shell replacement for SSH (more robust and responsive, especially over Wi-Fi, cellular, and long-distance links)

Mosh is a remote terminal application that supports intermittent connectivity, allows roaming, and provides speculative local echo and line editing of user keystrokes. It aims to support the typical interactive uses of SSH, plus: Mosh keeps the session alive if the client goes to sleep and wakes ...

[SECURITY] Fedora 23 Update: drupal7-theme-zen-5.6-1.fc23

Zen is a powerful, yet simple, HTML5 starting theme with a responsive, mobile-first grid design. If you are building your own standards-compliant theme, you will find it much easier to start with Zen than to start with Garland or Stark. This theme has fantastic online documentation...

LineNity WP Premium Theme Local File Inclusion

Document Title: =============== LineNity WP Premium Theme - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1645 Release Date: ============= 2015-11-15 Vulnerability Laboratory ID VL-ID: ==================================== 164...

LineNity WP Premium Theme - File Include Vulnerability

Document Title: =============== LineNity WP Premium Theme - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1645 Release Date: ============= 2015-11-15 Vulnerability Laboratory ID VL-ID: ==================================== 164...

WordPress SmartIT Premium Responsive - Information Disclosure

Because of this vulnerability, the attackers can obtain sensitive information. Solution Update the theme...