Tags archives: php

 

0

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Google Maps WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing users' session tokens, or performing arbitrary actions on their behalf. [...]

 

0

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Magic Fields 2 plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their [...]

 

0

WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Magic Fields 1 plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their [...]

 

0

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in Store Locator Plus for WordPress. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. [...]

 

0

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads.wordpress.org/plugin/welcome-announcement.1.0.5.zip # Version: 1.0.5 ###################### # Vulnerable File and Codes: wa_options.php Lines(134-142-161-188-196-204-215-223-234-258-266)   <input class="entry" type="text" size=40 name="wa_opts[cookie_name]" value="<?php echo $wa_opts["cookie_name"]; ?>" /> <input class="entry" type="text" size=40 name='wa_opts[cookie_expiration]'value="<?php echo $wa_opts["cookie_expiration"]; [...]

 

 

 

0

Installare PHP7 su Debian Jessie

La distribuzione Debian 8 (Jessie) è stata pubblicata ormai da più di un anno. Di default, questa distro mette a disposizione la versione 5.6 di PHP che per molte situazioni è adeguata; ma per chi vuole sfruttare i benefici delle ultime novità e, perché no, un aumento decisamente visibile delle prestazioni, è arrivato il momento […]

 

0

Roundcube: risolvere l'errore Net_LDAP2_RootDSE::construct() must be public

Per rosolvere il seguente errore in roundcube PHP Fatal error: Access level to Net_LDAP2_RootDSE::__construct() must be public (as in class PEAR) in roundcubemail/vendor/pear-pear.php.net/Net_LDAP2/Net/LDAP2/RootDSE.php on line 238 Seguire i passi: cd <roundcube-root-folder> Installare composer.phar: curl -s https://getcomposer.org/installer | php copiare il template composer.json-dist in composer.json modificare il file composer.json, nella sezione "require" aggiungere la riga"pear-pear.php.net/net_ldap2": "~2.2.0",…