what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Joshua Reynolds

WordPress LeagueManager 3.8 SQL Injection

Posted Mar 15, 2013

Authored by Joshua Reynolds | Site infosec4breakfast.com

WordPress LeagueManager plugin version 3.8 suffers from a remote SQL injection vulnerability. Both an exploit along with patching recommendations are provided.

tags | exploit, remote, sql injection

advisories | CVE-2013-1852

SHA-256 | a3e13cf6b95a3336ab25ac8195f16b3844e2f53413a7db2fbea7d99a9a980665

Download | Favorite | View

e107 1.0.1 Administrator Cross Site Request Forgery

Posted Jan 1, 2013

Authored by Joshua Reynolds

e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.

tags | exploit, arbitrary, javascript, csrf

advisories | CVE-2012-6433

SHA-256 | 1b51a69a54bac68f0bfc9e8db03bc8acc5a1cf1df0b09c6483ae7fc4ca94a525

Download | Favorite | View

e107 1.0.2 Administrator Cross Site Request Forgery

Posted Jan 1, 2013

Authored by Joshua Reynolds

e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.

tags | exploit, sql injection, csrf

advisories | CVE-2012-6434

SHA-256 | 581ae255e2a78865ce312d579dde5e9592d78b773c888719f63727ce4b07e219

Download | Favorite | View