This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.
f67aec0e1808a4048efded2042ded5a9Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.
777a54e04861b26de13d508208e0dd5bThis Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.
a8332e42d64ab8da484106f4450b83c2Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
576b9b1598c826767542e7d40705bbc2CSZ CMS version 1.2.9 suffers from multiple cross site scripting vulnerabilities.
1ed4df9d15c3b3ca05832e0d79200b0aWhitepaper called Object Prototype Pollution Attack.
47102dc9d96a280fceb29bd1300d2a6aThis Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin W3 Total Cache version 0.9.2.6 through 0.9.3, allowing arbitrary file read with the web server privileges.
7ead4511c9260d6098e2191ece098f61Whitepaper called Exploit WordPress Plugin Vulnerability Using Static Source Code Analysis Techniques.
5547d9c5988fdab38bfb79b10e2532b8This is a brief whitepaper discussing best practices in mobile application security.
077ad6207fbdc6a00700a76feb4cde0cWhitepaper called API Security Overview that discusses different types of flaws and exploitation of API insecurities.
569e9618b5cbeac20e8fe78ab24f61feWonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar.
0a86a07638c2bc4b20e96c08d1fd7f89WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability.
d3cb5885976c55c92fedea658fd20a13Apache OpenMeetings version 5.0.0 suffers from a denial of service vulnerability.
59eb8c12340cd20675e0710a793e9bcbBigTree CMS version 4.4.10 suffers from a remote code execution vulnerability.
353327fef903019f8b589b0223caf8baSymphony CMS version 3.0.0 suffers from a persistent cross site scripting vulnerability.
057fa5a8fd0169b62ab2a607007249aaWordPress Autoptimize plugin version 2.7.6 suffers from an authenticated remote shell upload vulnerability.
07265bbb9062f5d7ecf6fa2ea1b61683Whitepaper called Exploit Command Injection Router via reverse firmware technique.
d656257a28af7647491580460f2f0396Whitepaper called Detect SQL Injection WordPress Plugin using RegEx.
2f1d697338aa6cf05465453dbe6e9a2aWordPress Form Maker plugin versions 5.4.1 and below suffer from a remote SQL injection vulnerability.
c2037ea8b7b6a7adb05a327e9db1593dPHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.
0a1a9de287822195e0373a79ec7c6409E-Commerce System version 1.0 suffers from a remote code execution vulnerability.
4ab9f87ae2b591ad7409c2f5ebf2477cWordPress ChopSlider3 plugin version 3.4 suffers from a remote SQL injection vulnerability.
6955d4cbf37044560edc06209617d1abOrchard Core version RC1 suffers from a persistent cross site scripting vulnerability.
cdded030e80995cdb86d3d60eef1e4f7PHP-Fusion version 9.03.50 suffers from a persistent cross site scripting vulnerability.
939a3889a23fef8e94256b55ad25eb83LeptonCMS version 4.5.0 suffers from a persistent cross site scripting vulnerability.
63e48f62f520be8f9282125543a59a16
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed