Kacper Szurek

Vulnerabilities

Codoforum 2.5.1 Arbitrary File Download

str_replace() is used to sanitize the file path, but the function's return value is never assigned to a variable, so the path reaches the file read unchanged.

10-03-2015

1 MIN READ
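The bug class behind that entry, as an added illustrative example (not Codoforum's code): str_replace() returns the cleaned string rather than modifying its argument, so a call whose result is discarded is a no-op, and even a correctly assigned single-pass replacement can be bypassed. The upload directory and file names are assumptions for this example.

```php
<?php
// Added example, not code from Codoforum. Demonstrates why a discarded
// str_replace() result leaves the path untouched, why a single assigned pass
// is still bypassable, and what a containment check looks like instead.

declare(strict_types=1);

// Hypothetical attachment directory (assumption for this example).
const UPLOAD_DIR = '/var/www/app/uploads/';

// Vulnerable pattern: the return value of str_replace() is thrown away.
function vulnerableResolve(string $file): string
{
    str_replace('../', '', $file);      // result discarded: no effect at all
    return UPLOAD_DIR . $file;          // '../../etc/passwd' passes straight through
}

// Half-fix: the result is assigned, but str_replace() is not recursive,
// so '....//....//etc/passwd' collapses back into '../../etc/passwd'.
function halfFixedResolve(string $file): string
{
    $file = str_replace('../', '', $file);
    return UPLOAD_DIR . $file;
}

// Fix: do not strip traversal sequences at all. Keep only the basename, then
// confirm with realpath() that the resolved file is inside the upload
// directory. Returns null whenever the request must be refused.
function safeResolve(string $file): ?string
{
    $real = realpath(UPLOAD_DIR . basename($file));
    $base = realpath(UPLOAD_DIR);
    if ($real === false || $base === false) {
        return null;                    // file or directory does not exist
    }
    // Prefix check includes the separator so '/uploads-old' is not accepted
    // as being inside '/uploads'.
    if (strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                    // resolved outside the upload directory
    }
    return $real;
}

// Constructed attacker-controlled names, of the kind an exploit would send.
foreach (['report.pdf', '../../etc/passwd', '....//....//etc/passwd'] as $name) {
    printf("%-26s vulnerable=%s\n%-26s halfFixed=%s\n%-26s safe=%s\n",
        $name, vulnerableResolve($name),
        '',    halfFixedResolve($name),
        '',    var_export(safeResolve($name), true));
}
```

Run this on a machine where UPLOAD_DIR does not exist and safeResolve() returns null for every name, which is the intended fail-closed behaviour; point the constant at a real directory containing report.pdf to see only that file resolve.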

Vulnerabilities

WordPress Download Manager 2.7.2 Privilege Escalation

Using basic_settings() we can update every WordPress option, for example

06-03-2015

1 MIN READ

Vulnerabilities

WordPress Backup to Dropbox 4.0 Reflected XSS

$_REQUEST['title'] is not escaped.

02-03-2015

1 MIN READ

Vulnerabilities

Page Builder by SiteOrigin 2.0.3 Reflected XSS

$_REQUEST['widget'] is not escaped.

26-02-2015

1 MIN READ
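The two reflected XSS entries above (Backup to Dropbox, Page Builder by SiteOrigin) share one cause: a request parameter echoed back into the page with no escaping. As an added example that is not code from either plugin, the snippet below contrasts the unescaped output with context-correct escaping. It is plain PHP so it runs outside WordPress; inside a plugin esc_attr() and esc_html() play the same role as the esc() helper here. The payload string is constructed for the example.

```php
<?php
// Added example, not code from the plugins mentioned above. Shows a parameter
// reflected unescaped into an attribute and into the body, and the escaped form.

declare(strict_types=1);

// Vulnerable: $title lands verbatim inside an attribute and in the body.
function renderVulnerable(string $title): string
{
    return "<input name=\"title\" value=\"$title\"><h2>$title</h2>";
}

// Escape for the HTML context at the point of output.
// ENT_QUOTES matters: without it a single quote is passed through and can
// close a single-quoted attribute (PHP before 8.1 did not set it by default).
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string,
// which would otherwise silently blank legitimate values.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function renderHardened(string $title): string
{
    $safe = esc($title);
    return "<input name=\"title\" value=\"$safe\"><h2>$safe</h2>";
}

// Constructed attacker input, standing in for $_REQUEST['title'].
$title = $_REQUEST['title'] ?? '"><script>alert(document.domain)</script>';

echo renderVulnerable($title), "\n";   // attribute closed, script tag injected
echo renderHardened($title), "\n";     // &quot;&gt;&lt;script&gt;... stays text
```

Escaping belongs at output, once per context; sanitizing on input (stripping tags, for instance) does not cover the attribute case and is not a substitute.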

Vulnerabilities

Duplicator 0.5.8 Privilege Escalation

Package functions are accessible to every registered user because admin privileges are not checked properly.

18-02-2015

1 MIN READ

Vulnerabilities

WonderPlugin Audio Player 2.0 Blind SQL Injection and XSS

wp_ajax_save_item() is accessible to every registered user (admin privileges are not checked).

16-02-2015

1 MIN READ

Vulnerabilities

Chamilo LMS 1.9.8 Blind SQL Injection

There are a few places where `Database

09-02-2015

2 MIN READ

Vulnerabilities

Photo Gallery 1.2.5 Unrestricted File Upload

Every registered user can access UploadHandler.php.

26-01-2015

2 MIN READ
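Duplicator, WonderPlugin Audio Player and Photo Gallery above all fail the same way: an admin-only action is reachable by any authenticated user because the handler never asks what role the caller has. WordPress runs every wp_ajax_* hook for any logged-in user, and a PHP file called directly has no role context at all, so the check has to be written explicitly. The added example below is not code from any of those plugins; the hook name, nonce name, table and parameters are assumptions. It also shows the prepared statement that removes the blind SQL injection mentioned in the WonderPlugin entry.

```php
<?php
// Added example, not code from Duplicator, WonderPlugin Audio Player or
// Photo Gallery. Hook, nonce, table and parameter names are assumed.

// What the vulnerable plugins effectively did: hook an admin action on
// wp_ajax_* (reachable by every logged-in user) with no authorization check.
// add_action('wp_ajax_example_save_item', 'example_save_item_vulnerable');
function example_save_item_vulnerable() {
    global $wpdb;
    // No capability check, no nonce, and both values are interpolated into
    // the query: a subscriber gets admin functionality plus SQL injection.
    $id    = $_POST['id'];
    $title = $_POST['title'];
    $wpdb->query("UPDATE {$wpdb->prefix}example_items SET title = '$title' WHERE id = $id");
    wp_die();
}

// Hardened handler registered in its place.
add_action('wp_ajax_example_save_item', 'example_save_item_hardened');
function example_save_item_hardened() {
    global $wpdb;

    // 1. Authorization: "logged in" is not "administrator". Check a capability
    //    (not a role name) so custom roles granted the capability still work.
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }

    // 2. Intent: the nonce ties the request to this user's session, which is
    //    what stops a CSRF page from driving the endpoint through an admin.
    check_ajax_referer('example_save_item_nonce', 'nonce');

    // 3. Input handling: coerce types first, then let $wpdb->prepare() quote.
    $id    = absint($_POST['id'] ?? 0);
    $title = sanitize_text_field(wp_unslash($_POST['title'] ?? ''));
    if ($id === 0) {
        wp_send_json_error('bad id', 400);
    }

    $wpdb->query($wpdb->prepare(
        "UPDATE {$wpdb->prefix}example_items SET title = %s WHERE id = %d",
        $title,
        $id
    ));
    wp_send_json_success();
}

// For a script reached by direct URL (the Photo Gallery case) the same
// capability check applies; the file must first bootstrap WordPress, which
// stand-alone upload handlers typically do not, so the cleanest fix is to
// route the request through an admin-ajax or admin-post handler like the one above.
```

When testing a plugin for this class, log in as a subscriber and replay each admin-ajax action; any action that succeeds without a capability failure is a finding regardless of what the admin UI exposes.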

From 0 to pentesting hero

Unzip

This time, unusually, we are not going to look at a specific programming language but at a Linux command-line tool, unzip, which extracts archives.

29-01-2019

2 MIN READ

© 2025 Kacper Szurek