Archive for December, 2018

WordPress Snap Creek Duplicator Code Injection

Posted by deepcore under exploit (No Respond)

When the WordPress plugin Snap Creek Duplicator restores a backup, it leaves dangerous files in the filesystem such as installer.php and installer-backup.php. These files allow anyone to call a function that overwrites the wp-config.php file, and this function does not sanitize POST parameters before inserting them into the wp-config.php file, leading to arbitrary PHP code […]

[local] CyberLink LabelPrint 2.5 – Stack Buffer Overflow (Metasploit)

Posted by deepcore under Security (No Respond)

CyberLink LabelPrint 2.5 – Stack Buffer Overflow (Metasploit)

[dos] WebKit JIT – Int32/Double Arrays can have Proxy Objects in the Prototype Chains

Posted by deepcore under Security (No Respond)

WebKit JIT – Int32/Double Arrays can have Proxy Objects in the Prototype Chains

[dos] Linux – 'userfaultfd' Bypasses tmpfs File Permissions

Posted by deepcore under Security (No Respond)

Linux – ‘userfaultfd’ Bypasses tmpfs File Permissions

WordPress NikolayDyankovDesign 2.0 Arbitrary File Disclosure

Posted by deepcore under exploit (No Respond)

WordPress NikolayDyankovDesign theme version 2.0 suffers from an arbitrary file disclosure vulnerability.

WordPress Real-Estate-Listing-Realtyna-Wpl 4.3.2 Database Disclosure

Posted by deepcore under exploit (No Respond)

WordPress Real-Estate-Listing-Realtyna-Wpl plugin version 4.3.2 suffers from a database disclosure vulnerability.

WordPress HighStand 4.6.1 Database Disclosure

Posted by deepcore under exploit (No Respond)

WordPress HighStand theme version 4.6.1 suffers from a database disclosure vulnerability.

WordPress Simple-E-Commerce-Shopping-Cart 2.2.5 Database Disclosure

Posted by deepcore under exploit (No Respond)

WordPress Simple-E-Commerce-Shopping-Cart plugin version 2.2.5 suffers from a database disclosure vulnerability.

Joomla Acymailing 2.0.0 Database Disclosure

Posted by deepcore under exploit (No Respond)

Joomla Acymailing component version 2.0.0 suffers from a database disclosure vulnerability.

WordPress Total-Child-Theme-Master 1.0 Arbitrary File Disclosure

Posted by deepcore under exploit (No Respond)

WordPress Total-Child-Theme-Master theme version 1.0 suffers from an arbitrary file disclosure vulnerability.