15 matches found
EUVD-2021-11405
Malware in sbrugna...
CVE-2021-24493
The shoppuploadfile AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading t...
CVE-2021-24493
The shoppuploadfile AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading t...
CVE-2021-24493
The shoppuploadfile AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading t...
Design/Logic Flaw
The shoppuploadfile AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading t...
CVE-2021-24493
The CVE-2021-24493 entry describes a vulnerability in the Shopp WordPress plugin (≤1.4) where the shopp_upload_file AJAX action allows unauthenticated and authenticated users to upload arbitrary files (e.g., PHP shells) without security checks, enabling remote code execution. The available connec...
CVE-2021-24493 Shopp eCommerce <= 1.4 - Unauthenticated Arbitrary File Upload
The shoppuploadfile AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading t...
WordPress 插件代码问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Shopp, which stems from the shoppuploadfil...
Shopp eCommerce <= 1.4 - Unauthenticated Arbitrary File Upload
The shoppuploadfile AJAX action of the plugin, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading to RCE PoC...
WordPress Shopp 1.4 Database Disclosure
Exploit Title : WordPress Shopp Plugins 1.4 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : shopplugin.net wordpress.org/plugins/shopp/ Software Download Link : downloads.wordpress.org/plugin/shopp.zip Tested...
WordPress Shopp Plugin - Multiple Security Vulnerabilities
WordPress Shopp plugin is prone to multiple security vulnerabilities that allow an attacker to disclose or steal information, execute arbitrary client side script code in the context of browser or launch other attacks. Also, these vulnerabilities allow to upload and execute arbitrary files in the...
WordPress Plugin Shopp - Multiple Vulnerabilities
WordPress Plugin Shopp - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/55817/info The Shopp plugin for WordPress is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attackers can exploit these issues to disclose sensitiv...
WordPress Shopp v1.0.17 - eCommerce Plugin <= XSS/LFI Vulnerabilities
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
WordPress Plugin Shopp - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/55817/info The Shopp plugin for WordPress is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attackers can exploit these issues to disclose sensitive information, steal cookie information, execute...
WordPress Shopp 1.0.17 XSS / Shell Upload / Disclosure
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...