find_dvcs

This plugin search git, hg, bzr, svn or cvs repositories and checks for files containing. For example, if the input is: http://host.tld/w3af/index.php The plugin will perform requests to: http://host.tld/w3af/.git/index http://host.tld/w3af/.gitignore http://host.tld/w3af/.hg/store/fncache...

strange_parameters

This plugin greps all responses and tries to identify URIs with strange parameters, some examples of strange parameters are: http://a/?b=methoda,c http://a/?c=x|y|z|d Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and th...

Vulnerabilities in WordPress Attack Scanner for WordPress

Hello 3APA3A! I want to warn you about security vulnerabilities in WordPress Attack Scanner plugin for WordPress. These are Information Leakage vulnerabilities. This is security plugin. In my 63 advisories about different vulnerabilities in WordPress plugins http://websecurity.com.ua/3397/ I've...

WordPress plugin Attack Scanner Bypass vulnerability

Exploit for php platform in category web applications I want to warn you about security vulnerabilities in WordPress Attack Scanner plugin for WordPress. These are Information Leakage vulnerabilities. This is security plugin. In my 63 advisories about different vulnerabilities in WordPress plugin...

CVE-2012-4268

Cross-site scripting XSS vulnerability in bulletproof-security/admin/options.php in the BulletProof Security plugin before .47.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTPACCEPTENCODING header...

Wordpress Omni Secure Files Plugin 0.1.13 Arbitrary File Upload

Exploit for php platform in category web applications Description : Wordpress Plugins - Omni Secure Files Arbitrary File Upload Vulnerability Version : 0.1.13 Link : http://wordpress.org/extend/plugins/omni-secure-files/ Plugins : http://downloads.wordpress.org/plugin/omni-secure-files.zip Date :...

Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion

Exploit for php platform in category web applications Exploit Title: Zingiri Web Shop Wordpress plugin RFI Google Dork: inurl:wp-content/plugins/zingiri-web-shop Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing Software Link:...

WordPress Safe Search Plugin - Cross-Site Scripting Vulnerability

Safe Search "v1" parameter plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...

Solaris 10 (sparc) : 119059-73 (deprecated)

X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 119059 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/03/12...

IP Protocols Scan

This plugin detects the protocols understood by the remote IP stack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid14788; scriptversion"1.27"; scriptsetattributeattribute:"pluginmodificationdate",...