what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files

WordPress Calendar SQL Injection
Posted Jan 31, 2010
Authored by HackXBack

The Wordpress Calendar plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 632e5bf0f2f5c47acb839c0010416e15

Related Files

WordPress Creative Contact Form Upload
Posted Apr 19, 2015
Authored by Gianni Angelozzi | Site metasploit.com

This Metasploit module exploits an arbitrary PHP code upload in the WordPress Creative Contact Form version 0.9.7. The vulnerability allows for arbitrary file upload and remote code execution.

tags | exploit, remote, arbitrary, php, code execution, file upload
MD5 | 134c796ad1d27553f7d2f3e571bc64cd
WordPress WP EasyCart Unrestricted File Upload
Posted Feb 9, 2015
Authored by Kacper Szurek | Site metasploit.com

WordPress Shopping Cart (WP EasyCart) Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /inc/amfphp/administration/banneruploaderscript.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server. In versions 3.0.8 and below authentication can be done by using the WordPress credentials of a user with any role. In later versions, a valid EasyCart admin password will be required that is in use by any admin user. A default installation of EasyCart will setup a user called "demouser" with a preset password

tags | exploit, remote, web, arbitrary, php
MD5 | 3b4a1be7a90f5f76e744919a1666c4c8
WordPress Chocolate Theme XSS / Denial Of Service / Shell Upload
Posted Jan 23, 2013
Authored by MustLive

The WordPress Chocolate theme suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.

tags | exploit, remote, denial of service, shell, vulnerability, xss, info disclosure
MD5 | 383c31ff9f8f63672d84344f678d0499
WordPress Calendar-Script Blind SQL Injection
Posted Nov 9, 2012
Authored by Ashiyane Digital Security Team

The WordPress Calendar-Script third party plugin suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 820974a5df452c882dc3aee84dc705bc
WordPress Custom Contact Forms Cross Site Scripting
Posted May 11, 2012
Authored by SiNA Rabbani

The WordPress Custom Contact Forms suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a87fa4c3207c8d7c6d5daabbd235929d
WordPress Comment Rating Cross Site Scripting / SQL Injection
Posted Jan 3, 2012
Authored by The Evil Thinker

The WordPress Comment Rating plugin suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | a53a0c66c38d07d2715138d38faf7c36
WordPress Clickdesk Live Support Chat Cross Site Scripting
Posted Nov 23, 2011
Authored by Am!r | Site irist.ir

The WordPress Clickdesk Live Support plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ee39c0d232e9ad0139b788eddb0b6e49
Secunia Security Advisory 43428
Posted Mar 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the WordPress cdnvote Plugin, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | cb9a7dd880d2dce00a56f8d52a5437cf
Cimy Counter For Wordpress Full Path Disclosure / Cross Site Scripting
Posted Jun 25, 2010
Authored by MustLive

The Wordpress Cimy Counter plugin suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f00c2b2424cc98d421b92c8263bdc218
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    11 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close