
1370 matches found

Packet Storm
added 2015/08/08 12:0 a.m., 19 views

WordPress Monetize 1.03 Cross Site Request Forgery / Cross Site Scripting

Exploit Title : Wordpress Monetize Plug-in XSS/CSRF Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/monetize/ Date: 2015-08-07 Tested On : Kali Linux - FireFox Software Link : https://downloads.wordpress.org/plugin/monetize.zip Version : 1.03...

AI score: 7
Exploits: 0

Packet Storm
added 2015/08/07 12:0 a.m., 24 views

WordPress Avenir-Soft Direct Download 1.0 XSS / CSRF

Exploit Title: Wordpress Avenir-Soft Direct Download Plug-in XSS/CSRF Exploit Author: Ashiyane Digital Security Team Vendor Homepage: https://wordpress.org/plugins/avenirsoft-directdownload/ Date: 2015-08-06 Tested On: Kali Linux - FireFox Software Link:...

AI score: 0.2
Exploits: 0

F5 Networks
added 2015/07/28 12:0 a.m., 64 views

SOL16909 - BIND vulnerability CVE-2015-5477

1These versions are vulnerable if a self IP address or management IP address is configured to allow inbound connections on port 53. 2These versions are vulnerable if a DNS profile is configured with the Use BIND Server on BIG-IP option enabled by default. 3These versions are vulnerable if...

CVSS: 7.8, AI score: 7.9, EPSS: 0.92376
Exploits: 12, References: 6

Exploit DB
added 2015/07/10 12:0 a.m., 27 views

WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download

Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/ Software Link:...

AI score: 7.4
Exploits: 0

Exploit DB
added 2015/06/29 12:0 a.m., 52 views

Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Endian Firewall %q This module exploits an OS command injection vulnerability in a web-accessible CGI script used to change password...

AI score: 7.4
Exploits: 0

exploitpack
added 2015/05/07 12:0 a.m., 14 views

WordPress Plugin Freshmail 1.5.8 - shortcode.php SQL Injection

WordPress Plugin Freshmail 1.5.8 - shortcode.php SQL Injection Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail 1 Google Dork: N/A Date: 05/05/2015 Exploit Author: Felipe Molina de la Torre @felmoltor Vendor Homepage: http://freshmail.com/ Software Link:...

AI score: 0.6
Exploits: 0

WPVulnDB
added 2015/05/06 12:0 a.m., 30 views

Twenty Fifteen Theme <= 1.1 - DOM Cross-Site Scripting (XSS)

Genericons = 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split''1; cssclass = jQuery '.' + permalink .attr'class'; PoC...

CVSS: 4.3, AI score: 0.1, EPSS: 0.01531
Exploits: 3, References: 3, Affected Software: 1

WPVulnDB
added 2015/05/06 12:0 a.m., 10 views

Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)

Genericons = 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split''1; cssclass = jQuery '.' + permalink .attr'class'; PoC...

AI score: 0.7
Exploits: 0, References: 1, Affected Software: 1

WPVulnDB
added 2015/04/23 12:0 a.m., 13 views

Ultimate Product Catalogue <= 3.1.2 - Unauthenticated SQL Injection

Unauthenticated SQL injection in ajax call when the plugin is counting the times a product is being seen by the web visitors. The vulnerable POST parameter is "ItemID". Vulnerable code: In file Functions/ProcessAjax.php line 67: ... $ItemID = $POST'ItemID'; $Item = $wpdb-getrow"SELECT ItemViews...

AI score: 2.2
Exploits: 0, References: 1, Affected Software: 1

myhack58
added 2015/04/19 12:0 a.m., 23 views

PHP arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Vulnerability details: This vulnerability exists in a very commonly used PHP function, moveuploadedfiles. Developers routinely use this function to move an uploaded file; it checks whether the uploaded file is legitimate, that is, whether it came through the HTTP POST mechanism t...

AI score: 8
Exploits: 0

Packet Storm
added 2015/04/03 12:0 a.m., 53 views

WordPress Simple Ads Manager 2.5.94 File Upload

Vulnerability title: Wordpress plugin Simple Ads Manager - Arbitrary File Upload Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 Download link: https://wordpress.org/plugins/simple-ads-manager/ CVE ID:...

CVSS: 7.5, EPSS: 0.35261
Exploits: 6

0day.today
added 2015/03/07 12:0 a.m., 19 views

ProjectSend r561 - SQL Injection Vulnerability

Exploit for php platform in category web applications Vulnerability title: ProjectSend r561 - SQL injection vulnerability Product: ProjectSend r561 Vendor: http://www.projectsend.org/ Affected version: ProjectSend r561 Download link: http://www.projectsend.org/download/67/ Fixed version: N/A...

AI score: 7.1
Exploits: 0

Exploit DB
added 2015/02/19 12:0 a.m., 45 views

jQuery - jui_filter_rules PHP Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid Description =========== juifilterrules1 is a jQuery plugin which allows users to generate a ruleset which could be...

AI score: 7
Exploits: 0

0day.today
added 2015/02/18 12:0 a.m., 44 views

jQuery jui_filter_rules PHP Code Execution Vulnerability

The jQuery juifilterrules parsing library suffers from an arbitrary php remote code execution vulnerability. PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid Description =========== juifilterrules1 is a jQuery plug...

AI score: 8.1
Exploits: 0

0day.today
added 2015/02/18 12:0 a.m., 59 views

Traidnt Up 3.0 SQL injection Exploit

Exploit for php platform in category web applications '; else echo ' http://site.com/path/: user: &n...

AI score: 7.1
Exploits: 0

Packet Storm
added 2015/02/09 12:0 a.m., 63 views

Radexscript CMS 2.2.0 SQL Injection

Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...

CVSS: 7.5, AI score: 0.8, EPSS: 0.02486
Exploits: 5

0day.today
added 2015/02/04 12:0 a.m., 18 views

WordPress Quasar Theme 1.9.1 Privilege Escalation Vulnerability

WordPress Quasar Theme version 1.9.1 suffers from a privilege escalation vulnerability. ------------------------------------------------------------------------------ WordPress Quasar Theme Privilege Escalation ------------------------------------------------------------------------------ - Theme...

AI score: 7.3
Exploits: 0

Vulnrichment
added 2015/01/18 6:0 p.m., 3 views

CVE-2015-0973

Buffer overflow in the pngreadIDATdata function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495...

AI score: 7, EPSS: 0.02006
Exploits: 2, References: 9

exploitpack
added 2015/01/12 11:29 a.m., 10 views

Exploit-Tutorial-1

This is a module that will help you learn the basics of exploit development, the focus on this one is a stack-buffer type of overflow and the platform used is GNU/Linux. Basic Buffer Overflow for Linux - Part of the Exploit Pack Tutorials The following exploit code has been written in Python and...

AI score: 7.6
Exploits: 0

Packet Storm
added 2014/12/12 12:0 a.m., 26 views

WordPress Simple Visitor Stat Cross Site Scripting

Title: WordPress 'Simple Visitor Stat' plugin - Stored XSS Reported by: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/simple-visitor-stat/ ---------------------------------------------------------------- Description:...

Exploits: 0