CVE-2021-24215

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromi...

Improper access control

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromi...

CVE-2021-24215

CVE-2021-24215 affects the Controlled Admin Access WordPress plugin (before 1.5.2). It is an improper access control vulnerability allowing unauthenticated attackers to access website customization and global CMS settings (e.g., /wp-admin/customization.php and /wp-admin/options.php), potentially ...

CVE-2021-24215 Controlled Admin Access < 1.5.2 - Improper Access Control & Privilege Escalation

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromi...

Controlled Admin Access < 1.5.2 - Improper Access Control & Privilege Escalation

An Improper Access Control vulnerability was discovered in the plugin. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource. Even with the maximu...

Netartmedia PHP Car Dealer - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia PHP Car Dealer- SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/autodealer/ Demo Site: https://www.phpscriptdemos.com/autodealer/ Version: Lastest Tested on: Kali Linux CV...

Hotel Booking Script 3.4 Cross Site Request Forgery

Exploit Title: Admin Account take over Via CSRF Google Dork: N/A Date: 17-12-2018 Exploit Author: Sainadh Jamalpur Vendor Homepage: https://www.phpjabbers.com/hotel-booking-system/ Software Link: https://demo.phpjabbers.com/1545033057422/index.php?controller=pjAdmin&action=pjActionIndex Version:...

idevspot Text ads 2.08 - SQL Injection

idevspot Text ads 2.08 - SQL Injection Title:idevspot Text ads 2.08 sqli vulnerability Author: Sid3^effects Published: 2010-06-06 price:$147 email:[email protected] vendor: idevspot url : http://www.idevspot.com/TextAds2.php google dork : Powered by TextAds 2.08 ooooo .oooooo. oooooo oooooo oooo...