Amir

10 exploits Active since Sep 2012
CVE-2011-5179 EXPLOITDB text WRITEUP
Skysa App Bar Integration Plugin < 1.03 - Cross-Site Scripting via Submit Parameter
Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly before 1.04, for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter.
CVE-2011-5181 EXPLOITDB text WRITEUP
ClickDesk Live Support - Live Chat Plugin 2.0 - Cross-Site Scripting via cdwidgetid Parameter
Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party information.
CVE-2011-4618 EXPLOITDB text WRITEUP
Advanced Text Widget Plugin < 2.0.1 - Cross-Site Scripting via Page Parameter
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2011-5265 EXPLOITDB text WRITEUP
Featurific For WordPress 1.6.2 - Cross-Site Scripting via snum Parameter
Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter. NOTE: this has been disputed by a third party.
CVE-2011-5182 EXPLOITDB text WRITEUP
Lanoba Social Plugin 1.0 - Cross-Site Scripting via Action Parameter
Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf.
EIP-2026-113922 EXPLOITDB text WRITEUP
WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Cross-Site Scripting
EIP-2026-104676 EXPLOITDB perl WORKING POC
phpBB 3.0.8 - Remote Denial of Service
EIP-2026-104684 EXPLOITDB perl WORKING POC
WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service
EIP-2026-104638 EXPLOITDB perl WORKING POC
MyBB 1.6.12 - 'misc.php' Remote Denial of Service
EIP-2026-104632 EXPLOITDB text WRITEUP
DirectAdmin 1.50.1 - Denial of Service