what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

WordPress WP Mobile Detector 3.5 Shell Upload
Posted Nov 3, 2017
Authored by h00die, Aaditya Purani | Site metasploit.com

WP Mobile Detector Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-content/plugins/wp-mobile-detector/resize.php script does contains a remote file include for files not cached by the system already. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server.

tags | exploit, remote, web, arbitrary, php
MD5 | 1d01dc001a0e9ab61957d22e50f28f0c

Related Files

WordPress WP Mobile Detector 3.5 Shell Upload
Posted Jun 6, 2016
Authored by Aaditya Purani

WordPress WP Mobile Detector versions 3.5 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c235a07986bdec3e13d4df7316edff2a
WordPress WP Mobile Detector 3.5 Shell Upload
Posted Jun 3, 2016
Authored by Aaditya Purani

WordPress WP Mobile Detector plugin versions 3.5 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | ff6c7e0ae1c4ce81cf4777bfd608d17e
WPRF SQL Injection
Posted May 5, 2010
Authored by JM511

WPRF suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dd973105eddbc9f0ef3e6ee46b8a15cd
WordPress Copperleaf Photolog SQL Injection
Posted Feb 15, 2010
Authored by kaMtiEz | Site indonesiancoder.com

WordPress Copperleaf Photolog version 0.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1a285b0103c6638503dd3b3a0009834b
WordPress 2.9 URL Access Bypass
Posted Feb 15, 2010
Authored by Ryan Dewhurst, Tom Mackenzie

WordPress versions 2.9 and above suffer from a failure to restrict URL access.

tags | exploit, bypass
MD5 | 0419438e3dc87cd2be7c4658cd254a98
Wordpress Events Plugin SQL Injection
Posted Jan 4, 2010
Authored by R3d-D3v!L

The Wordpress Events plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1443d7a1bee88777752b69577833d237
Wordpress 2.9 Denial Of Service
Posted Jan 1, 2010
Authored by emgent

Wordpress versions 2.9 and below denial of service exploit.

tags | exploit, denial of service
MD5 | ee2e8f9d18a411cd8ca9e40dd3d2e83c
WordPress / Pyrmont 2 SQL Injection
Posted Dec 18, 2009
Authored by Gamoscu

WordPress and Pyrmont version 2 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d23f9d0bed0f90a0a4928328c9d58a60
WP-Forum 2.3 SQL Injection
Posted Dec 16, 2009
Authored by Juan Galiana Lara

WP-Forum versions 2.3 and below suffer from remote SQL and blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2009-3703
MD5 | 6634ae632b8a259b3b23d9f46e5429fc
WP-Cumulus 1.20 Cross Site Scripting
Posted Nov 24, 2009
Authored by MustLive

WP-Cumulus version 1.20 for WordPress suffers from path disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f94eaac53c426866ebb759864cc3a28a
WordPress MU Cross Site Scripting
Posted Nov 18, 2009
Authored by Juan Galiana Lara

WordPress MU versions 1.2.2 through 1.3.1 wp-includes/wpmu-functions.php suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 05aec9df65f36369548f3c946e013bb4
WordPress WP-Syntax 0.9.1 Command Execution
Posted Aug 27, 2009
Authored by Raz0r | Site raz0r.name

WordPress WP-Syntax component versions 0.9.1 and below suffer from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 40054c915ceb70713621ec20b6737a81
WordPress WP-Syntax 0.9.1 Command Execution
Posted Aug 15, 2009
Authored by Inj3ct0r | Site Inj3ct0r.com

WordPress WP-Syntax component versions 0.9.1 and below remote command execution exploit.

tags | exploit, remote
MD5 | 3fcbe0bc7cc5207da11d291cb2e1fe93
WordPress 2.8.1 Cross Site Scripting
Posted Jul 24, 2009
Authored by superfreakaz0rz

WordPress version 2.8.1 remote cross site scripting exploit.

tags | exploit, remote, xss
MD5 | ef0626ac42efcafaa3f332f5c96ce4c2
WordPress My Category Order 2.8 SQL Injection
Posted Jul 15, 2009
Authored by Manh Luat

The WordPress My Category Order plugin versions 2.8 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 98d6a1597a7c81bae2bf937793c91094
Related Sites WordPress Plugin SQL Injection
Posted Jun 30, 2009
Authored by eLwaux

The Related Sites WordPress plugin version 2.1 suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection
MD5 | abe03f6885245331254c8bd4289beb98
DM Albums 1.9.2 WordPress File Disclosure
Posted Jun 30, 2009
Authored by Stack | Site v4-team.com

The DM Album WordPress plugin version 1.9.2 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 2b51accf48f022447de0bd56445bdd41
Microsoft DNS / WINS Server Network Checker
Posted May 30, 2009
Authored by Alexander Anisimov | Site ptsecurity.com

Simple Freeware Network Checker to detect potentially dangerous entries in Microsoft DNS and WINS name servers (MS09-008).

MD5 | 366079106e8e0e9584a0d8eb335d6f94
Microsoft WPAD Technology Weaknesses
Posted May 30, 2009
Authored by Alexander Anisimov | Site ptsecurity.com

WPAD (Web Proxy Auto Discovery) is a method used by web clients to automatically locate a browser configuration file used to connect through a proxy. Successful attacks on WPAD guarantees attackers full access on user data sent to the Internet which could allow theft of critical data like passwords or credit card numbers. WPAD potential danger depends on two factors: default configuration and weak awareness among users. In this article they discuss WPAD architecture and its many functioning principles in home and corporate networks, real examples of attacks and give recommendations for ordinary users and system administrators that allow reducing attack consequences.

tags | paper, web
MD5 | 8be9b35749a0834dbc991b16cdb24935
Wordpress Lytebox Local File Inclusion
Posted May 27, 2009
Authored by TurkGuvenligi | Site turkguvenligi.info

The Lytebox plugin for Wordpress suffers from remote command execution and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
MD5 | b220ddeaad3754d08aed489813e0c0d7
Wordpress fMoblog 2.1 SQL Injection
Posted Mar 18, 2009
Authored by strange.kevin

The Wordpress fMoblog plugin version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3845cdaf0014c574946e5a98a1053635
Wordlist Cracking WPA/WPA2-PSK
Posted Mar 9, 2009
Authored by ka0x

Whitepaper discussing the cracking of WPA and WPA-PSK with a wordlist. Written in Spanish.

tags | paper
MD5 | 3a751abb852b36af1a5524202634b8c1
Wordpress WP-Forum 1.7.8 SQL Injection
Posted Jan 12, 2009
Authored by seomafia

Wordpress plugin WP-Forum version 1.7.8 suffers from a remote SQL injection vulnerability in forum_feed.php.

tags | exploit, remote, php, sql injection
MD5 | bdced0a23eb7c15d3993c86b67048a7a
Wordpress Page Flip Image Gallery 0.2.2 File Disclosure
Posted Dec 30, 2008
Authored by GolD_M | Site tryag.cc

The Wordpress Page Flip Image Gallery plugin versions 0.2.2 and below suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 1380050a6c3ac47d7f3d88422f437f9d
Wordpress 2.7 Password Hash Cracker
Posted Dec 22, 2008
Authored by julioisaias

Wordpress version 2.7 password hash attack tool.

tags | cracker
MD5 | e5b287c272a8e92b08637045ebfe7cba
Page 1 of 4
Back1234Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close