Showing 1 - 11 of 11

Files Date: 2014-12-14 to 2014-12-15

Mikiurl WordPress Eklentisi 2.0 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; Mikiurl WordPress Eklentisi WP plugin version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9337; SHA-256 | df9a035052db81f07e5b5e7bd5e70024c89200646829731c9674d76c196db1c4; Download | Favorite | View

WordPress yURL ReTwitt WP 1.4 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress yURL ReTwitt WP plugin version 1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9341; SHA-256 | 487248aa9bbe59d02909227ac36aff41fa4aa97417a9e6cf9a4774a5cee297c6; Download | Favorite | View

WordPress wpCommentTwit 0.5 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress wpCommentTwit plugin version 0.5 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9340; SHA-256 | d5c3add6148f7372c1f4339a37688f036562662148a8c69ecb66659d35618014; Download | Favorite | View

WordPress Download Manager 2.7.4 Remote Command Execution: Posted Dec 14, 2014; Authored by Claudio Viviani; WordPress Download Manager versions 2.7.0 through 2.7.4 suffer from a remote command execution vulnerability.; tags | exploit, remote; SHA-256 | 34ddb275d5055cb3a01743e4fca6a4ffb4537f87c1b95c998437a4e5e1c60732; Download | Favorite | View

Ekahau Real-Time Location System RC4 Cipher Stream Reuse / Weak Key Derivation: Posted Dec 14, 2014; Authored by Max Moser, David Gullasch; Ekahau Real-Time Location System suffers from RC4 cipher stream reuse and weak key derivation flaws. The message payload of the affected solution is always encrypted using the same RC4 cipher stream. When combining two encrypted messages with an XOR operation, the cipher stream will cancel out. With this, an attacker is able to recover the bitwise difference of two plain texts. The 128 bit RC4 key used in the Ekahau setup is trivially derived from the three least significant bytes of the MAC address. The key derivation scheme can be recovered from publicly available program code or any Ekahau tag's EEPROM.; tags | exploit; advisories | CVE-2014-2716; SHA-256 | a6ce7b1308744e978d9de9d7f014e08f9af93014056f5d15361dbdf486a9720c; Download | Favorite | View

WordPress SPNbabble 1.4.1 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress SPNbabble plugin version 1.4.1 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9339; SHA-256 | 40e5d13856c461690cf62603b22a1499bcea09416e08cde4376649a16343fbdb; Download | Favorite | View

WordPress DandyID Services ID 1.5.9 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress DandyID Services plugin version 1.5.9 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9335; SHA-256 | 326934b7db084938b38b59409fc1ca099f5e5a061add78a0bfbbff97351ab24e; Download | Favorite | View

Debian Security Advisory 3103-1: Posted Dec 14, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3103-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.; tags | advisory; systems | linux, debian; advisories | CVE-2014-9130; SHA-256 | a1ddf6c50b16ffa24a96002cafff871f602e1595d5aafacc8d319fc27d8cbab0; Download | Favorite | View

Debian Security Advisory 3102-1: Posted Dec 14, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3102-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.; tags | advisory; systems | linux, debian; advisories | CVE-2014-9130; SHA-256 | c1980d775778424421c5584e68774bb782a7e149bd23a685210320f6c9af1dde; Download | Favorite | View

WordPress twitterDash 2.1 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress twitterDash plugin version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9368; SHA-256 | 7d98ca7552b1ffc70153ec46af3888968059995a46f62a271ced40a606f65d7a; Download | Favorite | View

WordPress iTwitter WP 0.04 CSRF / XSS: Posted Dec 14, 2014; Authored by Manideep K; WordPress iTwitter WP plugin version 0.04 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2014-9336; SHA-256 | 2b6e55ff2e4c236215d4eb3846cedaafdc8bd7fdd55262d55222a611bb3b7fcc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days