PT-2022-10089 · Unknown · October Cms

Name of the Vulnerable Software and Affected Versions: October CMS versions prior to 1.0.473 and 1.1.6 Description: The issue allows an attacker with "create, modify and delete website pages" privileges in the backend to execute PHP code by running specially crafted Twig code in the template...

WordPress Floating Social Bar 1.1.5 Cross Site Scripting

Exploit Title: Floating Social Bar 1.1.5 XSS Date: 09-01-2015 Software Link: https://wordpress.org/plugins/floating-social-bar/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description Everyone can access saveorder...