Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: wordpress theme photocrati 4.X.X SQL INJECTION Google Dork: Designed by Photocrati also powered by Photocrati Date: 23 / 09 / 2011 Exploit Author: ayastar Email : email protected Software Link: http://www.photocrati.com Version:...

CVE-2015-1172 Wordpress-theme remote arbitrary code

Product: holdingpattern Vendor: Liftux Vulnerable Versions: 0.6 and prior Tested Version: 0.6 Advisory Publication: January 18, 2015 Vendor Notification: January 14, 2015 Public Disclosure: January 18, 2015 Vulnerability Type: Exec Code Authentication: Not required to exploit CVE Reference:...

WordPress Elegant Themes Divi Theme Directory Traversal Vulnerability

WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Elegant Themes Divi is one of the Elegant Themes. A directory traversal vulnerability exists in the WordPress Elegant...

WordPress Refraction Theme - Multiple Vulnerabilities

This WordPress theme is prone to a cross site scripting and full path disclosure vulnerabilities. Solution Update the theme...

Urban City - download.php Local File Inclusion (LFI)

The urbancity WordPress theme was affected by a download.php Local File Inclusion LFI security vulnerability...

WordPress Theme Marble Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title : WordPress Theme Marble Arbitrary File Download Vulnerability Exploit Author : NULLPointer Date : 17/09/2014 Vendor Homepage : http://themeforest.net/item/marble-flat-responsive-creative-wordpress-theme/5896650 Version: 1.1.2...

WordPress Theme Acento - view-pdf.php?File Arbitrary File Download

WordPress Theme Acento - view-pdf.php?File Arbitrary File Download +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : WordPress acento theme Arbitrary File Download Vulnerability Author : alieye vondor : http://www.wpbyexample.com/detail/acentocultural.com Contact : [email protected]...

WordPress Theme Acento - 'view-pdf.php?File' Arbitrary File Download

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : WordPress acento theme Arbitrary File Download Vulnerability Author : alieye vondor : http://www.wpbyexample.com/detail/acentocultural.com Contact : [email protected] Risk : High Class: Remote Date: 01/09/2014...

LineNity 1.20 - download.php imgurl Parameter Remote Path Traversal File Access

The linenity WordPress theme was affected by a download.php imgurl Parameter Remote Path Traversal File Access security vulnerability...

Kiddo - remote shell upload

The kiddo WordPress theme was affected by a remote shell upload security vulnerability...

Love It - XSS / Content Spoofing / Path Disclosure

The iloveit WordPress theme was affected by a XSS / Content Spoofing / Path Disclosure security vulnerability...

Elegant Grunge 1.0.3 - s Parameter XSS

The Elegant Grunge WordPress theme was affected by a s Parameter XSS security vulnerability...

CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection

The cstardesign WordPress theme was affected by a flashmoXML.php id Parameter SQL Injection security vulnerability...

DejaVu 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion

The dejavu WordPress theme was affected by a dl-skin.php mysitedeleteskinzip Parameter Absolute Path Traversal Remote Directory Deletion security vulnerability...

DejaVu 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download

The dejavu WordPress theme was affected by a dl-skin.php mysitedownloadskin Parameter Absolute Path Traversal Remote File Download security vulnerability...

Folo - Cross Site Scripting

The folo WordPress theme was affected by a Cross Site Scripting security vulnerability...

Magnitudo - Arbitrary File Upload

The magnitudo WordPress theme was affected by an Arbitrary File Upload security vulnerability...

Toolbox 1.4 - flyer.php mls Parameter SQL Injection

The toolbox WordPress theme was affected by a flyer.php mls Parameter SQL Injection security vulnerability...

Blooog 1.1 - jplayer.swf Cross Site Scripting

The blooog WordPress theme was affected by a jplayer.swf Cross Site Scripting security vulnerability...

Imperial Fairytale - Multiple Script Direct Request Path Disclosure

The imperial-fairytale WordPress theme was affected by a Multiple Script Direct Request Path Disclosure security vulnerability...