WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload

WordPress SP Project & Document Manager plugin before 4.22 is susceptible to authenticated shell upload. The plugin allows users to upload files; however, the plugin attempts to prevent PHP and other similar executable files from being uploaded via checking the file extension. PHP files can still...

Wordpress SP Project & Document Manager 4.21 Plugin - Remote Code Execution Exploit

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link: https://downloads.wordpress.org/plugin/sp-client-document-manager.4.21.zip Version:...

WordPress SP Project And Document Manager 4.21 Shell Upload

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Date 07.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link:...

Wordpress Plugin SP Project &amp; Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Date 07.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link:...

WordPress Plugin SP Project Document Manager 2.5.3 - Blind SQL Injection

WordPress Plugin SP Project Document Manager 2.5.3 - Blind SQL Injection Exploit Title: WordPress SP Project & Document Manager 2.5.3 Blind SQL Injection Google Dork: inurl:wp-content/plugins/sp-client-document-manager Date: 2015-03-04 Exploit Author: catsecurity Vendor Homepage:...

Multiple SQL Injection in SP Client Document Manager plugin

Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin Plugin: SP Client Document Manager Vendor: http://smartypantsplugins.com Product: https://wordpress.org/plugins/sp-client-document-manager/ Affected version: version 2.4.1 and previous version Fixed version: N/A Goog...

WordPress SP Client Document Manager 2.4.1 SQL Injection Vulnerability

WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities. Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin Plugin: SP Client Document Manager Vendor: http://smartypantsplugins.com Product:...