exploit the possibilities
Showing 1 - 25 of 52 RSS Feed

Files from DefenseCode

Email addressdefensecode at defensecode.com
First Active2012-11-13
Last Active2018-07-27
WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting
Posted Jul 27, 2018
Authored by DefenseCode, Neven Biruski

WordPress Gwolle Guestbook plugin version 2.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b23bc2a383b6cc1c5ccefb6963683971
WordPress Strong Testimonials 2.31.4 Cross Site Scripting
Posted Jul 27, 2018
Authored by DefenseCode, Neven Biruski

WordPress Strong Testimonials plugin version 2.31.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a133893c4212712101407d506a534550
WordPress Snazzy Maps 1.1.3 Cross Site Scripting
Posted Jul 26, 2018
Authored by DefenseCode, Neven Biruski

WordPress Snazzy Maps plugin versions 1.1.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6a5b64bad9af84f0198e0b9105045392
WordPress WP Google Map 4.0.4 SQL Injection
Posted Jun 12, 2018
Authored by DefenseCode, Neven Biruski

WordPress WP Google Map plugin versions 4.0.4 and below suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2456732033e558ec555c1b594d000411
WordPress Ultimate Form Builder Lite 1.3.7 XSS / SQL Injection
Posted Jun 12, 2018
Authored by DefenseCode, Neven Biruski

WordPress Ultimate Form Builder Lite versions 1.3.7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 4147f9e58f55a85f9e33e394450a0f3a
WordPress Contact Form Maker 1.12.20 XSS / CSRF / SQL Injection
Posted Jun 7, 2018
Authored by DefenseCode, Neven Biruski

WordPress Contact Form Maker plugin versions 1.12.20 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | d08badfbc380bef4839f1e6faaf47b7e
WordPress Form Maker 1.12.24 XSS / CSRF / SQL Injection
Posted Jun 7, 2018
Authored by DefenseCode, Neven Biruski

WordPress Form Maker plugin versions 1.12.24 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 222b8b4c330c800a4f881ec057b14e4f
Magento Product Attributes Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from product attribute information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
MD5 | d73101b6b0b0b0f02a6ec88ff295af50
Magento Downloadable Products Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from downloadable product information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
MD5 | f77d1da16377bd36480710245f667fb2
Magento Backups Cross Site Request Forgery
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento Backups suffer from a cross site request forgery vulnerability. Versions affected include Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, csrf
MD5 | 0adaddcd0d7b534ec114223d7660feb1
Magento User Info Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
MD5 | 91c1b88ab3d81c67800e22cebc73902e
PureVPN 5.19.4.0 Privilege Escalation
Posted Feb 21, 2018
Authored by DefenseCode, Bosko Stankovic

PureVPN versions 5.19.4.0 and below suffer from a privilege escalation vulnerability.

tags | advisory
MD5 | bc09db910165ef220d5ab399ca475c2d
SugarCRM Community Edition 6.5.26 SQL Injection
Posted Jan 24, 2018
Authored by Leon Juranic, DefenseCode

SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2ab4e697942a1f1e39de181287dee068
WordPress Testimonial Slider 1.2.4 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Testimonial Slider plugin versions 1.2.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 171fbf4af364b138825c12c2a1ba6464
WordPress Smooth Slider 2.8.6 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Smooth Slider plugin versions 2.8.6 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3ca8963a8f503e09a95c667231a768d8
WordPress Dbox 3D Slider Lite 1.2.2 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Dbox 3D Slide Lite plugin versions 1.2.2 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 396bea3f46a47c839564e82ee3df2688
WordPress Booking Calendar 7.0 / 7.1 SQL Injection / Local File Inclusion
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Booking Calendar plugin versions 7.1, 7.0, and below suffer from remote SQL injection and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | fd4e207ff9fc3d6be29efbcdeb30fa9e
WordPress Clean Up Optimizer 4.0.0 SQL Injection
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 89af3a8114d77b162a390a6d6b1874e9
WordPress Top-10 2.4.2 SQL Injection
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Top-10 plugin versions 2.4.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ee588dbd58069595df55af0f7982b6d0
WordPress Ad Widget 2.10.0 Local File Inclusion
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | a02c1bb177145fdea032f28a60278396
WordPress Simple Login Log 1.1.1 SQL Injection
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 80eca9af5e5ecacd33c8d526809fd7a8
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 5, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | b8e9abcbfbba8f6e6349871a393da400
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 4, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | 6fac5f12b988c5d618dd41e90f4d5591
WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7644c1e718ad96e70260bb88694784a8
WordPress PressForward 4.3.0 Cross Site Scripting
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c1bc43011a404f94f827c88a862b2af5
Page 1 of 3
Back123Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close