WordPress SPNbabble plugin version 1.4.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
40e5d13856c461690cf62603b22a1499bcea09416e08cde4376649a16343fbdb
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
273d006c8de8b880987ccf0fbf746712263ae8cda4ff94d4ca9b6715ae8e6310
This is a SQL injection tool written in PHP. Can be run on Android by installing paw server and the php plugin.
6fff6aa73753b05c54bd02aadd555b37c5069310441744e187a5e3f9ed06a1af
IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin (jpeg_ls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker could potentially execute arbitrary code. Proof of concept included. Irfanview Plugins version 4.33 is affected.
cd8bb7da17eb6fd5c44d2f4ceac57a18c44aca435eea690d9247652a97f176d8
This Metasploit module exploits an authentication bypass vulnerability in the administration console of Openfire servers. By using this vulnerability it is possible to upload/execute a malicious Openfire plugin on the server and execute arbitrary Java code. This Metasploit module has been tested against Openfire 3.6.0a. It is possible to remove the uploaded plugin after execution, however this might turn the server in some kind of unstable state, making re-exploitation difficult. You might want to do this manually.
f96c770e59d9d05308428a0fe45cb31107b3064402edcf2653bd604b617ffe44
Secunia Security Advisory - Multiple vulnerabilities have been reported in the Job Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
7af47828ffe2a74c460a3c167ab441ff957e3aba0bf449ef81b03a8ea322543e
Secunia Security Advisory - A vulnerability has been discovered in the Website FAQ plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
c8e9fb5283788ed22bbefb1180a07cfcfa306903014b65a7c20726ab8fc2aaec
Secunia Security Advisory - Some vulnerabilities have been discovered in the SS Quiz plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks and bypass certain security restrictions.
43b9148dc362a06892fb954f3d4a3a9e98c4d0dace30ed21f470735f2141ac54
WordPress Website FAQ plugin version 1.0 suffers from a remote SQL injection vulnerability.
194080a9c6d560ac3dd0cf6014d77cc563bfbf371d95c99fbee6c22e24ceed4e
Secunia Security Advisory - Henry Hoggard has discovered two vulnerabilities in the Schreikasten plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
f9106dffa4d7e1ef5877dc3d3eb7f0aa5874244abd11ed42fe504bffd7d604cc
Secunia Security Advisory - Francis Provencher has discovered a vulnerability in IrfanView Formats PlugIn, which can be exploited by malicious people to compromise a user's system.
4aab7b55fac10269055188d8782bedc1c5003b831ba88acae3d6e07377f19f37
Secunia Security Advisory - A vulnerability has been discovered in the Nmedia MailChimp plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
8cb0c340c8e60e1e7d4e0bdcc53e301a233cdfc0e6610aae0e2f7edc238af7a1
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Mac Photo Gallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
0054ebdefe9fc452258529b4609f712cebaab4d258879a58d2fa1aff7322f9cb
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsi Fancybox plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.
6cfc82c0fad5255ca4a775def21abbb0284c94f969f78bb4c9e74c278071bb04
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Image Gallery plugin for e107, which can be exploited by malicious people to disclose sensitive information.
8844044c709b6aa30cceecfcf055bfab2dc631c21079f4dfb392028bb40b5fbc
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the TheCartPress plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions.
d93aa2de9e4190c622fca8add8e1ce53d9b22d4a5215e4325bdb72fc86f87969
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsi Share plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.
8e5af64f12f009a6bc1b98e4e9576c9bfcec55804ea4f0c0eda69328d00cb3b2
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Radio Plan plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.
367b1b05199a61222994c7aa0e728fb0b7facdec1917b462518370074fd70c36
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsis Media Gallery plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.
0f534606c652b216373d194d699760fa24a172649e214b3231608827d0479546
e107 Tap plugin version 2.0 suffers from a remote shell upload vulnerability.
16d450b6820569c25505641914654435ddd38724cabde859aebdd200c217525b
e107 Radio Plan plugin version 2.06 suffers from a remote shell upload vulnerability.
5220d8a9f509f1a911a75ce3797603c70b92f27bd86d8e23024038f88f0290ca
e107 Hupsi Share plugin version 1.00 suffers from a remote shell upload vulnerability.
01edcafd988a763a0655922e61b5d35515bc3ba601616b9aca3fb8f4ed687449
e107 Image Gallery plugin version 0.9.7.1 suffers from a remote file disclosure vulnerability.
1f7d952a66337a9793777b6c5584a8fced88cabd97560d6834e5f3fd3fb3029e
e107 Hupsi Media Gallery plugin version 1.0 suffers from a remote shell upload vulnerability.
cf798872e71c9fa0094aa28aab7cb5fe4bb92f07513ffad6e92a20748e2682d9
e107 Hupsi Fancybox plugin version 1.0.4 suffers from a remote shell upload vulnerability.
727a4c7d0667d51fdc6d9063229dfbd1e7e1bb30b5ff957fb971eb33023c1113
e107 Filemanager plugin version 1.0 suffers from a remote shell upload vulnerability.
1d93b23a1ed5130b4f2f0502a0ad4874fa5922b73334e7298c15b985733e50fe