WordPress Contact Form Maker 1.13.1 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
WordPress Contact Form Maker plugin version 1.13.1 suffers from a cross site request forgery vulnerability.
Archive for April, 2019
AIDA64 Extreme 5.99.4900 SEH Buffer Overflow
Posted by deepcore under exploit (No Respond)
AIDA64 Extreme version 5.99.5900 logging SEH buffer overflow exploit.
Manage Engine ServiceDesk Plus 9.3 Privilege Escalation
Posted by deepcore under exploit (No Respond)
Manage Engine ServiceDesk Plus version 9.3 suffers from a privilege escalation vulnerability.
FreeSMS 2.1.2 SQL Injection
Posted by deepcore under exploit (No Respond)
FreeSMS version 2.1.2 suffers from a remote SQL injection vulnerability.
WordPress 5.0.0 crop-image Shell Upload
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a path traversal and a local file inclusion vulnerability on WordPress versions 5.0.0 and versions below or equal to 4.9.8. The crop-image function allows a user, with at least author privileges, to resize an image and perform a path traversal by changing the _wp_attached_file reference during the upload. The second part […]
iScripts ReserveLogic SQL Injection
Posted by deepcore under exploit (No Respond)
iScripts ReserveLogic suffers from a remote SQL injection vulnerability.
Ashop Shopping Cart Software SQL Injection
Posted by deepcore under exploit (No Respond)
Ashop Shopping Cart Software suffers from a remote SQL injection vulnerability.
AIDA64 Business 5.99.4900 SEH Buffer Overflow
Posted by deepcore under exploit (No Respond)
AIDA64 Business version 5.99.4900 SEH buffer overflow exploit with egghunter.
PhreeBooks ERP 5.2.3 Arbitrary File Upload
Posted by deepcore under exploit (No Respond)
PhreeBooks ERP version 5.2.3 suffers from an arbitrary file upload vulnerability.
PhreeBooks ERP 5.2.3 Remote Command Execution
Posted by deepcore under exploit (No Respond)
PhreeBooks ERP version 5.2.3 suffers from a remote command execution vulnerability.