exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files from DefenseCode

Email addressdefensecode at defensecode.com
First Active2012-11-13
Last Active2018-07-27
WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting
Posted Jul 27, 2018
Authored by DefenseCode, Neven Biruski

WordPress Gwolle Guestbook plugin version 2.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0102adc89a526756f71376d8ca8b12e0af203e535a067eed6ad082c80015d2a0
WordPress Strong Testimonials 2.31.4 Cross Site Scripting
Posted Jul 27, 2018
Authored by DefenseCode, Neven Biruski

WordPress Strong Testimonials plugin version 2.31.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 29e3e61c5bb4cc522ae61f3fdbf89e035d73bfa6c4c7ed5ee78b79874121d335
WordPress Snazzy Maps 1.1.3 Cross Site Scripting
Posted Jul 26, 2018
Authored by DefenseCode, Neven Biruski

WordPress Snazzy Maps plugin versions 1.1.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 69d9372e1f11eb13779812a45773c8c5799eb581c2d4f0a43fdac8c63bc11aac
WordPress WP Google Map 4.0.4 SQL Injection
Posted Jun 12, 2018
Authored by DefenseCode, Neven Biruski

WordPress WP Google Map plugin versions 4.0.4 and below suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 47845a0de05723fa22908baa8f1387f03dc2b7a10302916bf08f5d96fc9dd027
WordPress Ultimate Form Builder Lite 1.3.7 XSS / SQL Injection
Posted Jun 12, 2018
Authored by DefenseCode, Neven Biruski

WordPress Ultimate Form Builder Lite versions 1.3.7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 94336025653173391ac5889e704bcfd91b865bf11182e68e4e9264480f585de8
WordPress Contact Form Maker 1.12.20 XSS / CSRF / SQL Injection
Posted Jun 7, 2018
Authored by DefenseCode, Neven Biruski

WordPress Contact Form Maker plugin versions 1.12.20 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 6b69b22bcc4cf5af62f351dcfe1d610cce1dc958b7caf6c12697c2a54a3e9c7d
WordPress Form Maker 1.12.24 XSS / CSRF / SQL Injection
Posted Jun 7, 2018
Authored by DefenseCode, Neven Biruski

WordPress Form Maker plugin versions 1.12.24 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 3131d3f173b1933fc4dabd940dc3fd7fa471504c3704fbfd5ced31130a9aa0fb
Magento Product Attributes Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from product attribute information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
SHA-256 | 549e235e03ef0bdbe9eea05a3e1bd3f340f29761c9abdad73f4036142c0591e3
Magento Downloadable Products Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from downloadable product information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
SHA-256 | 1bbd2c7b993ffcb1a4ef9c205272274661f6065ff4e313cd2057ced8ea75d918
Magento Backups Cross Site Request Forgery
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento Backups suffer from a cross site request forgery vulnerability. Versions affected include Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, csrf
SHA-256 | 6d870f518782a4d674caa1e656efd73fa25831cbd1426facfd575d0b2defcd72
Magento User Info Cross Site Scripting
Posted Mar 6, 2018
Authored by DefenseCode, Bosko Stankovic

Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.

tags | exploit, vulnerability, xss
SHA-256 | 8655d134ed2747f6351bd7d013f6487b55c2509759a2cba576f6d2143f46f59d
PureVPN 5.19.4.0 Privilege Escalation
Posted Feb 21, 2018
Authored by DefenseCode, Bosko Stankovic

PureVPN versions 5.19.4.0 and below suffer from a privilege escalation vulnerability.

tags | advisory
SHA-256 | f01935ae5539d9a66d7d09ee0ec64486230558bc46f1e918ef59cf2148cdaa26
SugarCRM Community Edition 6.5.26 SQL Injection
Posted Jan 24, 2018
Authored by Leon Juranic, DefenseCode

SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | bc4cc7bf63d53a27a1eb576d08fe29628ea8da32f5518c5c866e31065558a8a7
WordPress Testimonial Slider 1.2.4 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Testimonial Slider plugin versions 1.2.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4843ea7190a8b03ec20a9232c6f5a6ded3adba6e253edb278b67f49e681f02b0
WordPress Smooth Slider 2.8.6 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Smooth Slider plugin versions 2.8.6 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 969899dce42308e6793f299ffa4d732c1287d84bb8b4576223cafa7d5fed6dce
WordPress Dbox 3D Slider Lite 1.2.2 SQL Injection
Posted Jan 11, 2018
Authored by DefenseCode, Neven Biruski

WordPress Dbox 3D Slide Lite plugin versions 1.2.2 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 5528cd5d06c970cf9130914fc542c9f448c79f182518089b7000c271a6fad1db
WordPress Booking Calendar 7.0 / 7.1 SQL Injection / Local File Inclusion
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Booking Calendar plugin versions 7.1, 7.0, and below suffer from remote SQL injection and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | 646173f5e81a1f63cb65e0e58738fb57ac62c8835c609e27e0a0a795b6dbd637
WordPress Clean Up Optimizer 4.0.0 SQL Injection
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ae6b1807725083901c6a9501a476db389ad391985032e1b233e714bc82349172
WordPress Top-10 2.4.2 SQL Injection
Posted Dec 20, 2017
Authored by DefenseCode, Neven Biruski

WordPress Top-10 plugin versions 2.4.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 491e52f7852755e7029e0188400d67003a5d9a69543fdd91e42c7ab58563697f
WordPress Ad Widget 2.10.0 Local File Inclusion
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 4dca75cd604be2d9ee5f59b3df5a6b97e028b213c809e41dec3862eafa62e6c7
WordPress Simple Login Log 1.1.1 SQL Injection
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | fe442cde72653defe51ab63edea37018252e0e898b0851ee4a61c92bdfdc035c
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 5, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 4d32bf78790a47b612f73e6f5369bdb54efc47178d31a6a5c2caee2287e9d34f
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 4, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8d86ea8e9eb75bb36c388fcd274b7cd6fb4431c98f0098e80d1cb745bb4f4af9
WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dc7e4831715fbb93ca6ee18c38fa2fb87560853f28673c4b78848d8a2c9b707e
WordPress PressForward 4.3.0 Cross Site Scripting
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9149d5fd6fd493f3e94be2c3cc8a6fe5c63013bed56d64669eb18d0a79c6e30b
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close