• WordPress Huge-IT Video Gallery 2.0.4 SQL注入

    WordPress Huge-IT Video Gallery 2.0.4 SQL注入
    Advisory ID: DC-2017-01-009 SQL injection Vulnerable Function: $wpdb->get_var( $query ); Vulnerable Variable: $_POST['cat_search'] Vulnerable URL: http://www.vulnerablesite.com/wp-admin/admin.php?page=video_galleries_huge_it_video_gallery Vulnerable Body: cat_search=DefenseCode AND (SELECT * FROM (SELECT(SLEEP(5)))DC) Fi...阅读全文
    作者:hedysx | 分类:漏洞公布 | 阅读:2,993次 | 标签:
  • WordPress Front-end Editor上传漏洞

    WordPress Front-end Editor上传漏洞
    Description: The WordPress Front-end Editor plugin contains an authenticated file upload vulnerability. We can upload arbitrary files to the upload folder, because the plugin also uses it’s own file upload mechanism instead of the wordpress api it’s possible to upload any file type. ## # This module requires Metasploit: http://metasploit.com/do...阅读全文
    作者:hedysx | 分类:漏洞公布 | 阅读:4,117次 | 标签:
  • WordPress RevSlider上传和执行漏洞

    WordPress RevSlider上传和执行漏洞
    ## #This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::HTTP::Wordpress include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name'     ...阅读全文
    作者:hedysx | 分类:漏洞公布 | 阅读:4,624次 | 标签:
  • WordPress eShop 6.3.11代码执行漏洞

    WordPress eShop 6.3.11代码执行漏洞
    CVE-2015-3421 Description: High-Tech Bridge Security Research Lab discovered a security vulnerability in the eShop WordPress Plugin, which can be exploited by remote attackers to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of user-supplied input in the “eshopc...阅读全文
    作者:hedysx | 分类:漏洞公布 | 阅读:3,442次 | 标签: