WordPress Calls To Action 2.4.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability.
Archive for December, 2015
WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion
Posted by deepcore under exploit (No Respond)
WordPress Gwolle Guestbook plugin version 1.5.3 suffers from a remote file inclusion vulnerability.
WordPress Ultimate Member 1.3.28 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Ultimate Member plugin version 1.3.28 suffers from a cross site scripting vulnerability.
Oracle BeeHive 2 Arbitrary File Upload
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a vulnerability found in Oracle BeeHive. The prepareAudioToPlay method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM. Authentication is not required to exploit this vulnerability.
Oracle BeeHive 2 Code Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a vulnerability found in Oracle BeeHive. The processEvaluation method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM.
[webapps] – IP.Board 4.1.4.x – Persistent XSS Vulnerability
Posted by deepcore under Security (No Respond)
[dos] – Malwarebytes Antivirus 2.2.0 – DoS PoC
Posted by deepcore under Security (No Respond)
[webapps] – WordPress Users Ultra Plugin 1.5.50 – Persistent XSS
Posted by deepcore under Security (No Respond)
[webapps] – Sysaid Helpdesk Software 14.4.32 b25 – SQL Injection
Posted by deepcore under Security (No Respond)
[dos] – Gnome Nautilus 3.16 – Denial of Service
Posted by deepcore under Security (No Respond)
