Email address | private |
---|---|
First Active | 2014-09-15 |
Last Active | 2023-11-13 |
This is a script that checks the WordPress WP Rocket plugin to see if it is a version vulnerable to local file inclusion.
c3229af0a58a90826c202f67b9967c50d32d7265ad9cc923c136a59dbeebe883
PHP Melody version 2.7.3 suffers from cross site scripting and SQL injection vulnerabilities.
5614049b822636ce667292c3cab2231cc4225e1397f912386bf5a79eb8d44faa
eFront version 3.6.15 suffers from a code execution vulnerability.
c6e64f257f167f7852a80672b6b5fc8b3f905cade9a0fe5ef321c1c60367e8ba
PHPSYSINFO versions 3.1.12 and below suffer from a local file disclosure vulnerability.
b91e2c3deff78812557e1059259cdd4c9d9b19aee77d73d5577ab98c615f3ab5
Magento eCommerce versions 1.9.0 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.
2abdab09c60b62e14aaa6b4c47c3f0c149c4561cf4f13a7a1514da1b9474cc0a
AfterLogic WebMail Lite allows for an unauthenticated user to set an administrative password.
bf60678dc4156a2c4163e6ba2c9b3dc300a0635313915e2001465b0a83a9262a
Program-O version 2.4.6 suffers from HTTP response splitting, cross site scripting, and local file inclusion vulnerabilities.
76658244af3e987274e86b16084fa6ffaf0d26aebcfead558ea9f4ca01983a80
Banana Dance Wiki CMS version b2.x suffers from local file inclusion and remote SQL injection vulnerabilities.
5aea54712b3fcfc9bb62181feb0c7c2c80bfa25156dc0a43ef48f5ca566ca84a
Facebook Mobile allowed for a name change prior to the 60 day limit.
e9022186bc9182406a9f7e6e9807d1d8c75ccb9ffbc563e752cb736aac563f8b
CatBot version 0.4.2 suffers from a remote SQL injection vulnerability.
8ca8d8041febb4bd7e87451a3b49b4a0db8053b94320613163e2349fd83ba080
Facebook suffered from an insecure direct object reference vulnerability.
331056674239d4a2b8597c783a977751033ec9efe723bf4173cf02c9fb7e6878
Facebook Studio suffered from a cross site scripting vulnerability.
6c44cbb682aafd6daec44b1de42940894bcdb8d43089d73242d17f4e0333676d
Morfy CMS version 1.05 suffers from a remote command execution vulnerability.
58989d19395dfd9366042fa905b02009b55fe443fc5713b823583113c2af8e3a
Monstra versions 3.0.1 and below count login attempts in a client-side cookie, allowing an attacker to completely bypass the login abuse protection.
e559a6fc29b5452cf0090e6cc326b4afa0c52ebd83000579ad0a03b5b75fae8a
Monstra versions 3.0.1 and below suffer from an HTTP response splitting vulnerability.
333a7cbaeed3cb481b4ccd4a7866dfecf3b66efe774dfea04879157048aaa69e
Anchor CMS versions 0.9.2 and below suffer from a header injection vulnerability.
d1627d2ea7402acbd8c551b616bb1440bb991963b32d178d425ebbb7de626061
ZXDSL 831CII suffers from a cross site request forgery vulnerability.
843e8f18a1aecb19a3193b0c21a2f4b43254e1c19a3543a86ca96e33f9b2994a
ZTE ZXDSL 831 suffers from multiple cross site scripting vulnerabilities.
fea9ea0557fdb4cf4949d6b661ca6949f9f891e48e62dfa0a42fcc32b6ace91e
ZTE 831CII suffers from cross site request forgery, hardcoded administrative credential, and cross site scripting vulnerabilities.
71cb47b2c17ef7f0dfffab54cfb391823034e3c990567867983eacd51e01d6ca
ZTE ZXDSL 831CII suffers from an insecure direct object reference vulnerability that allows for authentication bypass.
1f03cc0b111dd69b400b5bc45c9417e5af28680d6acb649fecfb52fffe14bd19
Damn Vulnerable Web Application, which is meant to be a vulnerable web application for security testing, can be leveraged by attackers to compromise your system when in use. This is a good reminder to only use DVWA on an air-gapped network. This exploit demonstrates the ability to gain code execution on the system.
75399c599af8214d734313a75983c0648c16b80932511c55319919111ea07883