Wordpress W3 Total Cache PHP Code Execution
This Metasploit module exploits a PHP Code Injection vulnerability against Wordpress plugin W3 Total Cache for versions up to and including 0.9.2.8. WP Super Cache 1.2 or older is also reported as...
View ArticleOpenSSL Heartbeat (Heartbleed) Information Leak
This Metasploit module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services...
View ArticleWordpress MailPoet (wysija-newsletters) Unauthenticated File Upload
The Wordpress plugin "MailPoet Newsletters" (wysija-newsletters) before 2.6.8 is vulnerable to an unauthenticated file upload. The exploit uses the Upload Theme functionality to upload a zip file...
View ArticleWordpress WPTouch Authenticated File Upload
The Wordpress WPTouch plugin contains an authenticated file upload vulnerability. A wp-nonce (CSRF token) is created on the backend index page and the same token is used on handling ajax file uploads...
View ArticleDrupal HTTP Parameter Key/Value SQL Injection
This Metasploit module exploits the Drupal HTTP Parameter Key/Value SQL Injection (aka Drupageddon) in order to achieve a remote shell on the vulnerable instance. This Metasploit module was tested...
View ArticleWordpress Download Manager (download-manager) Unauthenticated File Upload
The WordPress download-manager plugin contains multiple unauthenticated file upload vulnerabilities which were fixed in version 2.7.5.
View ArticleWordPress Platform Theme Remote Code Execution
The Wordpress Theme "platform" contains a remote code execution vulnerability through an unchecked admin_init call. The theme includes the uploaded file from it's temp filename with php's include...
View ArticleWordPress W3 Total Cache PHP Code Execution
This Metasploit module exploits a PHP Code Injection vulnerability against WordPress plugin W3 Total Cache for versions up to and including 0.9.2.8. WP Super Cache 1.2 or older is also reported as...
View ArticleVideoCharge Studio Buffer Overflow (SEH)
This Metasploit module exploits a stack based buffer overflow in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC file. This vulnerability could be exploited by a remote attacker...
View ArticleJoomla HTTP Header Unauthenticated Remote Code Execution
Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5. By storing user supplied headers in the databases session table it's possible to truncate the...
View Article