WordPress ALO EasyMail NewsLetter 2.6.01 Plugin - Cross-Site Request Forgery

Exploit for php platform in category web applications Exploit Title: Wordpress ALO EasyMail Newsletter plugin cross-site request forgery vulnerability Software Link: https://wordpress.org/plugins/alo-easymail/ Affected Version: 2.6.01 Exploit Author: Mohsen Lotfi Contact: email protected Twitter:...

WordPress Plugin ALO EasyMail NewsLetter 2.6.01 - Cross-Site Request Forgery

Exploit Title: Wordpress ALO EasyMail Newsletter plugin cross-site request forgery vulnerability Software Link: https://wordpress.org/plugins/alo-easymail/ Affected Version: 2.6.01 Exploit Author: Mohsen Lotfi Contact: [email protected] Twitter: foxonefoxone Date: 01-16-2016 1. Descripti...

File Hub 3.3 Arbitrary File Upload / Script Insertion

Document Title: =============== File Hub v3.3 iOS Wifi - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1695 Release Date: ============= 2016-02-01 Vulnerability Laboratory ID VL-ID: ==================================== 1695...

WordPress Slideshow Plugin <= 2.1.14 - Multiple Script Insertion Vulnerabilities

This plugin is prone to multiple script insertion vulnerabilities. Attackers can conduct script insertion attacks. Solution Update plugin...

WordPress Slideshow Plugin <= 2.1.14 - Multiple Script Insertion Vulnerabilities

This plugin is prone to multiple script insertion vulnerabilities. Attackers can conduct script insertion attacks. Solution Update plugin...

eBay Magento Persistent Script Insertion

Document Title: =============== Ebay Magento Bug Bounty 10 - Persistent Filename Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1457 eBay Inc. Bug Bounty Program ID: EIBBP-31603 Video: https://www.youtube.com/watch?v=WffsHd8pibE Release...

Bashi 1.6 Script Insertion

Document Title: =============== Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1852 Release Date: ============= 2016-05-25 Vulnerability Laboratory ID VL-ID: ==================================== 18...

iClassSchedule 1.6 Script Insertion

Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID:...

WordPress Mac Photo Gallery Plugin <= 2.9 - Multiple Vulnerabilities

This plugin is prone to multiple script insertion vulnerabilities. Because of them, attackers can conduct script insertion attacks. Solution Upgrade plugin...

SevDesk 1.1 Persistent Script Insertion

Document Title: =============== SevDesk v1.1 iOS - Persistent Dashboard Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1311 Release Date: ============= 2015-04-23 Vulnerability Laboratory ID VL-ID: ==================================== 1311...

iPassword Manager 2.6 Script Insertion

Document Title: =============== iPassword Manager v2.6 iOS - Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1453 Release Date: ============= 2015-04-21 Vulnerability Laboratory ID VL-ID: ==================================== 14...

GeniXCMS 0.0.1 Cross Site Scripting

GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP...

GeniXCMS 0.0.1 - Multiple Vulnerabilities

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...

GeniXCMS 0.0.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and...

Barracuda Networks Cloud Series Script Insertion

Document Title: =============== Barracuda Networks Cloud Series - Filter Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=754 Barracuda Networks Security ID BNSEC: 731 Release Date: ============= 2015-01-19 Vulnerability Laboratory ID...

WordPress gSlideShow 0.1 CSRF / XSS

Title: CSRF / Stored XSS Vulnerability in gSlideShow Wordpress Plugin Author: Manideep K CVE-ID: CVE 2014-9391 Plugin Homepage: https://wordpress.org/plugins/gslideshow/ Version Affected: 0.1 probably lower versions Severity: High Description: Vulnerable Parameter: 1 id:rssid , name:rss 2...

WordPress Twitter LiveBlog 1.1.2 CSRF / XSS

Title: CSRF / Stored XSS Vulnerability in Twitter LiveBlog Wordpress Plugin Author: Manideep K CVE-ID: CVE-2014-9398 Plugin Homepage: https://wordpress.org/plugins/twitter-liveblog/ Version Affected: 1.1.2 probably lower versions Severity: High Description: Vulnerable Parameter:...

PayPal France Mail Encoding Script Insertion

Document Title: =============== PayPal Inc Bug Bounty Issue 70 France - Persistent Escape Shopping Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=869...

BulletProof Security <= .50.8 - Script Insertion

The BulletProof Security WordPress plugin was affected by a Script Insertion security vulnerability...

Lazyest Gallery <= 1.1.20 - EXIF Script Insertion

The Lazyest Gallery WordPress plugin was affected by an EXIF Script Insertion security vulnerability...