Joomla AceFTP Arbitrary File Download
Posted by deepcore under exploit (No Respond)
Joomla AceFTP component appears to suffer from an arbitrary file download vulnerability.
Archive for August, 2016
PayPal 2FA Bypass
Posted by deepcore under exploit (No Respond)
PayPal suffered from a two-factor authentication bypass vulnerability.
Telegram Bot API Cross Site Request Forgery / Denial Of Service
Posted by deepcore under exploit (No Respond)
A cross site request forgery vulnerability in the Telegram Bot API can allow for denial of service attacks.
OpenCart 2.0.3.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
OpenCart version 2.0.3.1 suffers from a cross site scripting vulnerability.
nopCommerce 3.70 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
nopCommerce version 3.70 suffers from a cross site scripting vulnerability.
Stash CMS 1.0.3 SQL Injection
Posted by deepcore under exploit (No Respond)
Stash CMS version 1.0.3 suffers from a remote SQL injection vulnerability.
Taser Axon Dock 3.1 Authentication Bypass
Posted by deepcore under exploit (No Respond)
Taser Axon Dock version 3.1 suffers from authentication bypass vulnerabilities.
WordPress Photo Gallery 1.8.5 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from a stored cross site scripting vulnerability.
WordPress Peter's Login Redirect 2.9.0 XSS / CSRF
Posted by deepcore under exploit (No Respond)
WordPress Peter’s Login Redirect plugin version 2.9.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
WordPress Email Users 4.8.3 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
WordPress Email Users plugin version 4.8.3 suffers from a cross site request forgery vulnerability.