WordPress Polls 1.2.4 SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Polls plugin version 1.2.4 suffers from a remote SQL injection vulnerability.
Archive for October, 2017
Mikogo 5.4.1.160608 Local Credentials Disclosure
Posted by deepcore under exploit (No Respond)
Mikogo version 5.4.1.160608 is vulnerable to local credential disclosure. The supplied password is stored as a MD5 hash format in memory. A potential attacker could reveal the supplied password hash and re-use it or store it via the configuration file in order to gain access to the account.
[webapps] FS Realtor Clone – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] Mura CMS < 6.2 – Server-Side Request Forgery / XML External Entity Injection
Posted by deepcore under Security (No Respond)
Mura CMS < 6.2 – Server-Side Request Forgery / XML External Entity Injection
Tags: 0day, remote exploit[webapps] FS Thumbtack Clone – 'ser' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FS Care Clone – 'sitterService' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FS Monster Clone – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FS Crowdfunding Script – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FS Trademe Clone – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FS Shutter Stock Clone – 'keywords' SQL Injection
Posted by deepcore under Security (No Respond)