This Metasploit module exploits an arbitrary file upload in the sample PHP upload handler for blueimp's jQuery File Upload widget in versions 9.22.0 and below. Due to a default configuration in Apache 2.3.9+, the widget's .htaccess file may be disabled, enabling exploitation of this vulnerability. This vulnerability has been exploited in the wild since at least 2015 and was publicly disclosed to the vendor in 2018. It has been present since the .htaccess change in Apache 2.3.9. This Metasploit module provides a generic exploit against the jQuery widget.
d34fb14aa9b4338617c18788b969d61c2e2bb73edfa259074f37f0336142d5c4IPFire, a free linux based open source firewall distribution, versions 2.15 Update Core 82 and below contain an authenticated remote command execution vulnerability via shellshock in the request headers.
72f8b0873dc11b2d3d2949fc7e34c4a2aa14b2eba24cd506e1e1251f6aec3dd2WordPress WP Fast Cache plugin version 1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
ac41aca70c5a88f3a41f984ab0c2e9a4230e3046cb8b4f0c82930a77e26d30c1WordPress Video Gallery plugin version 2.8 fails to protect email functionality allowing it to be leveraged for spam.
b38dfee27a4c0e1d32faae66624c949bb13653c914e633032fe3b5a39ed22b21WordPress NEX-Forms version 3.0 suffers from a remote SQL injection vulnerability.
f3d2ee0169a4862b50a26f4db64ebb0dd910007cf1db21e531bf128f5fd07b11This Metasploit module exploits an arbitrary PHP code upload in the WordPress N-Media Website Contact Form plugin, version 1.3.4. The vulnerability allows for arbitrary file upload and remote code execution.
06defc0f9a3b1e41269ef7d6c96eebcf75e56a0475dd25a9e1826f8f400e3fd3This Metasploit module exploits an arbitrary PHP code upload in the WordPress Work The Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code execution.
99dafcf218991769dca62fedd1f31fd6083ce929bdd0f494ed3fe6bdff34ddcbWordPress Ajax Store Locator versions 1.2 and below suffer from a remote SQL injection vulnerability.
fd61a90ff71456bbb57803a78ab4b9979a249f8fe9d9954c7d0fb7e5c79ff6deWordPress Video Gallery plugin version 2.8 suffers from a remote SQL injection vulnerability.
2a03380193003bbe9235920994e16af47220139c1f116419515e226aad7aa622WordPress N-Media Website Contact Form with File Upload plugin version 1.3.4 suffers from a remote shell upload vulnerability.
d41218aa3071ffb2db81fe0f6d6cbe3647a9998ddb374231757e89456688781aThis is a python script that performs brute forcing against WordPress installs using a wordlist.
2d97133aba0d51470e503dd301f411312b3310db7a1d1bc94a2801174b8229caWordPress Duplicator plugin versions 0.5.14 and below suffer from cross site request forgery and remote SQL injection vulnerabilities.
f6a51d5df014feb4bd047ab4edcd3143f94f10035313ee7d5c44176c2ffdf44cWordPress All In One WP Security and Firewall plugin version 3.9.0 suffers from a remote SQL injection vulnerability.
2203b9343977b8ce1c7756e193c53801aae33bcc43ac2d1b9dbd42170428a048WordPress Work The Flow plugin version 2.5.2 suffers from a remote shell upload vulnerability.
b23e731d1911c049312f934170230326589cb951911a5055e04af2200b606f71WordPress Marketplace plugin version 2.4.0 add administrator exploit that leverages a vulnerability that allows an attacker to execute any php function unauthenticated.
ac59d4a9526b37f10ef94defac072ade2a47ac7bfca88a79255e93f826142f61WordPress Video Gallery plugin version 2.7 suffers from a remote SQL injection vulnerability.
f1c1b63158e55fcb88ffb9e2a48a95cd38c6187d753ae7798f61c163dd8da92cWP Symposium Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-symposium/server/file_upload_form.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server.
42ecbf4669c89af75d07968bac4f2e5509c6bb5b265890feae2edd0dd0629e00WordPress Download Manager versions 2.7.0 through 2.7.4 suffer from a remote command execution vulnerability.
34ddb275d5055cb3a01743e4fca6a4ffb4537f87c1b95c998437a4e5e1c60732WordPress WP Symposium plugin version 14.11 suffers from a remote shell upload vulnerability.
40867e4656d0afdb7971cdcbf809828fca4fa407c0742530d5803363e555b810WordPress Ajax Store Locator plugin version 1.2 suffers from an arbitrary file download vulnerability.
fa66ce4a4e1a666bfd65e30d511a241b3ef667fc053b4e9ec7d96bdc501e7ed5WordPress wpDataTables plugin versions 1.5.3 and below suffer from a remote SQL injection vulnerability.
87a417e5238d97fe9035e045c94dfd0fcf4fb3ff779079cb6b1d8e8d37e03b1dWordPress wpDataTables versions 1.5.3 and below suffer from a remote shell upload vulnerability.
4c0eecc8ed8af779770866bde670598a67953b0d2cf85eb5d22da1857bc1698cJoomla HD FLV version 2.1.0.1 suffers from an arbitrary file download vulnerability.
1f5d7b6e8ab1c5f896baacf5de0ee26586da67dbb2afa7fa04a53506d348e45aJoomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.
733162606ba1c6d3ad296a0f60b1de5ca10abf359fa141da227db38f94650974Joomla RD Download component suffers from a remote SQL injection vulnerability.
f9d63dd2aa36dce348509d77140267a331a149cfa6a084b1c13b9c8fc1a423a9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed