Kacper Szurek

Vulnerabilities

Tiki Wiki CMS 15.0 Arbitrary File Download

Using the flv_stream.php file from the vendor directory, any file can be downloaded.

11-07-2016

1 MIN READ

Vulnerabilities

LimeSurvey 2.06 Build 160123 Reflected XSS

$_GET['name'] is not escaped before being displayed inside pop_editor_view.

29-06-2016

1 MIN READ

Vulnerabilities

OptionTree 2.5.5 Reflected XSS

Items from $_REQUEST['settings'] are not escaped.

23-06-2016

3 MIN READ

Vulnerabilities

Lingotek Translation 1.1.8 Reflected XSS

$_GET['sm'] is not escaped.

20-06-2016

1 MIN READ

Vulnerabilities

phpMyFAQ 2.9.0 Stored XSS

The PHP filter_input() function with the FILTER_VALIDATE_URL flag is used to validate the URL inside the savefaq functionality.

09-06-2016

1 MIN READ

Vulnerabilities

Double Opt-In for Download 2.0.9 SQL Injection

$_POST['id'] is not escaped, and populate_download_edit_form() is accessible to every registered user.

06-06-2016

1 MIN READ

Vulnerabilities

wpDiscuz Supercharged native comments 3.1.4 Reflected XSS

The parse_str() function is called without its second parameter, so the parsed variables are set in the current scope.

30-05-2016

1 MIN READ

Vulnerabilities

Redux Framework 3.5.8.4 Reflected XSS

If the user has at least one non-dismissed notice, a reflected XSS is triggered.

09-05-2016

2 MIN READ

From 0 to pentesting hero

Open redirection

We are used to websites containing links to other web services. But can an automatic redirection to an external domain be harmful?

09-04-2019

3 MIN READ

© 2026 Kacper Szurek