Vulnerabilities
Double Opt-In for Download 2.0.9 Sql Injection
$_POST[ 'id' ] is not escaped. populate_download_edit_form() is accessible for every registered user.
06-06-2016
1 MIN READ
Vulnerabilities
wpDiscuz Supercharged native comments 3.1.4 Reflected XSS
parse_str() function is used without second param so variables are set in current scope.
30-05-2016
1 MIN READ
Vulnerabilities
Redux Framework 3.5.8.4 Reflected XSS
If user has at least one not dismissed notice, we have reflected XSS.
09-05-2016
2 MIN READ
Vulnerabilities
Monstra 3.0.1 Privilege Escalation
Every registered user can change every account because `Request
08-04-2016
2 MIN READ
Vulnerabilities
Tribulant Slideshow Gallery 1.5.3.4 Reflected XSS
$_GET['order'] is not escaped.
21-03-2016
1 MIN READ
Vulnerabilities
Tiny Tiny RSS Blind SQL Injection
$item_id inside process_category_order() is not properly escaped. Then it's used in UPDATE statement.
15-02-2016
2 MIN READ
Vulnerabilities
Huge It Image Gallery 1.7.0 Reflected XSS
$_POST['thumbtext'] and $_POST['linkbutton'] are not escaped inside huge_it_video_gallery_ajax().
08-02-2016
1 MIN READ
Vulnerabilities
Profile Builder 2.2.4 Reflected XSS
$_GET['loginerror'] is not escaped.
02-02-2016
1 MIN READ
From 0 to pentesting hero
XSS using SVG file
The functionality of file upload is a key place where we should pay special attention to. If the attacker successfully sends and executes a malicious file, the whole server may be taken over.
12-03-2019
3 MIN READ