83 matches found
CVE-2011-4803
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2011-4803
Affected software: WordPress WPtouch plugin. Vulnerable component: wptouch/ajax.php; issue: SQL injection via the id parameter that allows remote execution of arbitrary SQL commands. Root cause: improper validation/escaping in the Ajax endpoint. Impact: potential data modification, query manipula...
WordPress wptouch plugin SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress wptouch plugin SQL Injection Vulnerability Date: 2011-27-10 Author: longrifle0x software: Wordpress Tools: SQLMAP --------------- POST data --------------- http://www.site.com/wp-content/plugins/wptouch/ajax.php Exploit: id=-1; id=- AND...
WordPress Plugin wptouch - SQL Injection
WordPress Plugin wptouch - SQL Injection Exploit Title: WordPress wptouch plugin SQL Injection Vulnerability Date: 2011-27-10 Author: longrifle0x software: Wordpress Tools: SQLMAP --------------- POST data --------------- http://www.site.com/wp-content/plugins/wptouch/ajax.php Exploit: id=-1; id=...
WordPress WPtouch Plugin - SQL Injection Vulnerability
WPtouch plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...
WordPress Plugin wptouch - SQL Injection
Exploit Title: WordPress wptouch plugin SQL Injection Vulnerability Date: 2011-27-10 Author: longrifle0x software: Wordpress Tools: SQLMAP --------------- POST data --------------- http://www.site.com/wp-content/plugins/wptouch/ajax.php Exploit: id=-1; id=- AND SLEEP5 or 1=if...
WordPress wptouch plugin SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress wptouch plugin SQL Injection Vulnerability Date: 2011-27-10 Author: longrifle0x software: Wordpress Tools: SQLMAP --------------- POST data --------------- http://www.site.com/wp-content/plugins/wptouch/ajax.php Exploi...
WordPress WPtouch 1.9.32 URL Redirect
Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.32 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special pwet to ansx & Zizounette & antrhacks for bitcoin Date: 25/07/2011 Software Link:...
WPtouch Plugin for WordPress 'wptouch_redirect' Parameter URL Redirection
The version of the WPtouch plugin for WordPress installed on the remote host fails to properly sanitize input to the 'wptouchredirect' parameter when 'wptouchview' is set to 'normal' before using it in the 'wptouch.php' script to generate a URL redirection. An attacker can exploit this issue to...
WordPress WPtouch URL Redirection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
WordPress WPtouch Plugin 1.9.27 - URL redirection
This WordPress WPtouch plugin is prone to an URL redirection vulnerability. Solution Update the plugin...
WordPress Plugin WPtouch 1.9.27 - URL redirection
WordPress Plugin WPtouch 1.9.27 - URL redirection Hello , that's a 0day on the must downloaded WordPress plugin. Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special Pwet t...
WordPress WPtouch Plugin 1.9.27 URL redirection
Exploit for php platform in category web applications Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special Pwet to ansx & Zizounette for bitcoins Date: 20/06/2011 Software...
WordPress Plugin WPtouch 1.9.27 - URL redirection
Hello , that's a 0day on the must downloaded WordPress plugin. Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special Pwet to ansx & Zizounette for bitcoins Date: 20/06/2011...
WordPress WPTouch 1.9.27 URL Redirection
Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection Google Dork: intext:"Powered by Wordpress + WPtouch" with iphone/android User-Agent Author: MaKyOtOx special Pwet to ansx & Zizounette for bitcoins Date: 20/06/2011 Software Link: http://wordpress.org/extend/plugins/wptouch/...
CVE-2010-4779
Cross-site scripting XSS vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouchsettings parameter to include/adsense-new.php. NOTE: some of these details are obtained from...
Cross site scripting
Cross-site scripting XSS vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouchsettings parameter to include/adsense-new.php. NOTE: some of these details are obtained from...
CVE-2010-4779
Cross-site scripting XSS vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouchsettings parameter to include/adsense-new.php. NOTE: some of these details are obtained from...
CVE-2010-4779
The CVE-2010-4779 entry concerns the WPtouch WordPress plugin, where an XSS flaw exists in lib/includes/auth.inc.php affecting WPtouch versions 1.9.19.4 and 1.9.20. The vulnerability allows remote attackers to inject arbitrary script or HTML via the wptouch_settings parameter to include/adsense-n...
WordPress WPtouch Plugin <= 1.9.20 - XSS
Because of this vulnerability in lib/includes/auth.inc.php, the attackers can inject arbitrary web script or HTML via the "wptouchsettings" parameter to include/adsense-new.php. Solution Update the plugin...