Ian Dunn: Dos https://iandunn.name/ via CVE-2018-6389 exploitation

Similar to 752010 Detail:- There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Detailed attack scenario is described for example here...

Yelp: DoS of https://blog.yelp.com/ and other WP instances via CVE-2018-6389

Description: There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details: Detailed attack scenario is described for example here:...

Nord Security: DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation

There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

OLX: load scripts DOS vulnerability

1 vulnerability description WordPress allows users to load multiple JS files and CSS files through load-scripts.php files at once. For example, https://wpwebsite.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor...

FormAssembly: scripts loader DOS vulnerability

1 vulnerability description WordPress allows users to load multiple JS files and CSS files through load-scripts.php files at once. For example, https://wpwebsite.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor...

MariaDB: scripts loader (denial of service) vulnerability

1 vulnerability description WordPress allows users to load multiple JS files and CSS files through load-scripts.php files at once. For example, https://wpwebsite.com/wp-admin/load-scripts.php?c=1&load=jquery-ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor files...

LocalTapiola: DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation

Description There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

WordPress Core - 'load-scripts.php' Denial of Service(CVE-2018-6389)

According to wordpress.com, the WordPress platform powers 29% of the worldwide internet websites. In this article I am going to explain how Denial of Service can easily be caused to almost any WordPress website online, and how you can patch your WordPress website in order to avoid this...

Exploit for Uncontrolled Resource Consumption in Wordpress

CVE-2018-6389 Wordpress Exploit CVE-2018-6389 Exploit Can Dow...

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites

A simple yet serious application-level denial of service DoS vulnerability has been discovered in WordPress CMS platform that could allow anyone to take down most WordPress websites even with a single machine—without hitting with a massive amount of bandwidth, as required in network-level DDoS...

WordPress Core load-scripts.php Denial Of Service

import requests import sys import threading import random import re import argparse host='' headersuseragents= requestcounter=0 printedMsgs = def printMsgmsg: if msg not in printedMsgs: print "\n"+msg + " after %i requests" % requestcounter printedMsgs.appendmsg def useragentlist: global...

WordPress Core - load-scripts.php Denial of Service

WordPress Core - load-scripts.php Denial of Service EDB Note: python doser.py -g...

WordPress Core - 'load-scripts.php' Denial of Service

EDB Note: python doser.py -g...

Zabbix 2.0.1 and Earlier Session Extractor 0day

No description provided by source. !/usr/bin/python import re import sys,urllib2,urllib print \n Zabbix 2.0.1 Session Extractor 0day print http://www.offensive-security.com print \n ''' The sessions found by this tool may allow you to access the scripts.php file. Through this web interface, an...

Zabbix 2.0.1 and Earlier Session Extractor 0day

Exploit for php platform in category web applications !/usr/bin/python import re import sys,urllib2,urllib print "\n Zabbix 2.0.1 Session Extractor 0day" print " http://www.offensive-security.com" print "\n" ''' The sessions found by this tool may allow you to access the scripts.php file. Through...

Zabbix 2.0.1 - Session Extractor

Zabbix 2.0.1 - Session Extractor !/usr/bin/python import re import sys,urllib2,urllib print "\n Zabbix 2.0.1 Session Extractor 0day" print " http://www.offensive-security.com" print "\n" ''' The sessions found by this tool may allow you to access the scripts.php file. Through this web interface, ...