Showing 1 - 4 of 4

Files from Danilo Massa

Elgg 1.8.8 Insecure Installation: Posted Nov 1, 2012; Authored by Danilo Massa, Enrico Cinquini; Elgg version 1.8.8 suffers from an insecure installation vulnerability.; tags | advisory; SHA-256 | 1e4bb604f2161f37a4acd42f8b02dc3f5b8876fc19bab006c1f3fd5af506bb3c; Download | Favorite | View

Liferay JSON Server API Authentication: Posted Aug 3, 2012; Authored by Danilo Massa, Enrico Cinquini; The Liferay JSON implementation does not check if a user calling a method on a serviceClass is disabled. Usually the default administrator user, test@liferay.com, is used to create a new administrator and disabled without a change to the default password, so it is possible to use it to execute JSON API calls. Versions 6.0.5 and 6.0.6 are vulnerable.; tags | exploit, bypass; SHA-256 | 840d89136b0bbd34dcc7fbaa674c8f425af2c5bab7ef9bb1fac81338af82ef39; Download | Favorite | View

BackWPup WordPress Plugin 1.4.0 File Content Disclosure: Posted Feb 28, 2011; Authored by Danilo Massa; BackWPup WordPress plugin versions 1.4.0 and below suffer from a file content disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 11874aac3134e7b1c28564b2b1dd391fc7b31fa8ecf72478b47ba3ade60462d1; Download | Favorite | View

Events Manager Wordpress Plugin 2.1 Blind SQL Injection: Posted May 12, 2010; Authored by Danilo Massa; Events Manager Wordpress plugin versions 2.1 and below suffer from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 49ee90956f2a053ee664c6466f6d91586a585c8f4d3d2848c19b3094882dd546; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days