Exploit the possiblities
Showing 1 - 25 of 33 RSS Feed

Files from DefenseCode

Email addressdefensecode at defensecode.com
First Active2012-11-13
Last Active2017-10-10
WordPress Ad Widget 2.10.0 Local File Inclusion
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | a02c1bb177145fdea032f28a60278396
WordPress Simple Login Log 1.1.1 SQL Injection
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 80eca9af5e5ecacd33c8d526809fd7a8
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 5, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | b8e9abcbfbba8f6e6349871a393da400
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 4, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | 6fac5f12b988c5d618dd41e90f4d5591
WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7644c1e718ad96e70260bb88694784a8
WordPress PressForward 4.3.0 Cross Site Scripting
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c1bc43011a404f94f827c88a862b2af5
WordPress Easy Modal 2.0.17 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Easy Modal plugin versions 2.0.17 and below suffer multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 542c9307580448eb3f35d4186895bd12
IBM Informix 12.10 DB-Access Buffer Overflow
Posted Jul 12, 2017
Authored by Leon Juranic, DefenseCode, Bosko Stankovic

IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.

tags | exploit, overflow, arbitrary
MD5 | a6b494ac98eda0f50077d89e22e9c8cf
IBM DB2 Command Line Processor Buffer Overflow
Posted Jun 26, 2017
Authored by Leon Juranic, DefenseCode

IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-1297
MD5 | 5d5fdc9afef069a12acc4631e4723b9a
WordPress No External Links 3.5.17 Cross Site Scripting
Posted Jun 2, 2017
Authored by DefenseCode, Neven Biruski

WordPress No External Links plugin versions 3.5.17 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ee7fddf32f860d0d45b3a0bffdf6d2e6
WordPress Tribulant Newsletters 4.6.4.2 XSS / File Disclosure
Posted Jun 2, 2017
Authored by DefenseCode, Neven Biruski

WordPress Tribulant Newsletters plugin versions 4.6.4.2 and below suffer from cross site scripting and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b670de76da3bd53baa8500a2963d55cf
WordPress Simple Slideshow Manager 2.2 Cross Site Scripting
Posted May 31, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6cafb010fb20043a5898706c8f032a6d
WordPress AffiliateWP 2.0.8 Cross Site Scripting
Posted May 27, 2017
Authored by DefenseCode, Neven Biruski

WordPress AffiliateWP plugin versions 2.0.8 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c6a3f59b74239220d0fd9a314f2789bb
WordPress Huge-IT Video Gallery 2.0.4 SQL Injection
Posted May 27, 2017
Authored by DefenseCode, Neven Biruski

WordPress Huge-IT Video Gallery plugin version 2.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7336919c380a0e84f16a4d0d5f7ce533
WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
Posted May 27, 2017
Authored by DefenseCode, Neven Biruski

WordPress All In One Schema.org Rich Snippets plugin versions 1.4.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9483a5c6080370a01f53f222fa918972
Google API PHP Client 2.1.3 Cross Site Scripting
Posted May 12, 2017
Authored by Leon Juranic, DefenseCode

google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
MD5 | 01570bb024997801f85e3290dadda5ef
WordPress User Access Manager 1.2.14 Cross Site Scripting
Posted May 11, 2017
Authored by DefenseCode, Neven Biruski

WordPress User Access Manager plugin versions 1.2.14 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4a21b4350764ab31170566267c4ac18b
WordPress Tracking Code Manager 1.11.1 XSS / DoS
Posted May 11, 2017
Authored by DefenseCode, Neven Biruski

WordPress Tracking Code Manager plugin versions 1.11.1 and below suffer from cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
MD5 | d3ef28a36eeaf037536c1dd1e0a8b4b8
WordPress WebDorado Gallery 1.3.29 SQL Injection
Posted May 5, 2017
Authored by DefenseCode, Neven Biruski

WordPress WebDorado Gallery plugin versions 1.3.29 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0e0eefadee755b444571e29ec3efdbcf
WordPress Spider Event Calendar 1.5.49 SQL Injection
Posted May 5, 2017
Authored by DefenseCode, Neven Biruski

WordPress Spider Event Calendar plugin versions 1.5.49 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6173b28ce5d393ee0b49909e4b50ce45
WordPress Facebook 1.0.13 SQL Injection
Posted May 5, 2017
Authored by DefenseCode, Neven Biruski

WordPress Facebook plugin versions 1.0.13 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 48750895bceff41e1f56dec35cc34df9
WordPress AccessPress Social Icons 1.6.6 SQL Injection
Posted Apr 21, 2017
Authored by DefenseCode, Neven Biruski

WordPress AccessPress Social Icons plugin versions 1.6.6 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 9d14bcc50dc1e82357572a79e09e747e
WordPress Ultimate Form Builder Cross Site Scripting
Posted Apr 19, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ultimate Form Builder plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b73d6d904bedc435f3d2dff13d9d57eb
Magento 2.1.6 Shell Upload / Cross Site Request Forgery
Posted Apr 13, 2017
Authored by DefenseCode, Bosko Stankovic

Magento versions 2.1.6 and below suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
MD5 | 7eac7c985713b9e6f32be4da1b6565bb
WordPress BestWebSoft XSS / CSRF
Posted Apr 13, 2017
Authored by DefenseCode, Neven Biruski

53+ WordPress plugins by BestWebSoft suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 265031dbb6abada51eb891db78c25fcd
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close