ITAS Team

11 exploits Active since Dec 2014
CVE-2015-2826 EXPLOITDB MEDIUM text WORKING POC
WordPress Simple Ads Manager 2.5.94 and 2.5.96 - Exposure of Sensitive Information
WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote attackers to obtain sensitive information.
CVSS 5.3
CVE-2015-2825 EXPLOITDB text WORKING POC
Simple Ads Manager < 2.5.94 - Unauthenticated Arbitrary File Upload via sam-ajax-admin.php
Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.
CVE-2015-2824 EXPLOITDB text WORKING POC
Simple Ads Manager < 2.7.97 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php.
CVE-2014-9178 EXPLOITDB text WRITEUP
Smarty Pants Plugins SP Project & Document Manager <2.4.1 - SQL Inj...
Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin (sp-client-document-manager) 2.4.1 and earlier for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) vendor_email[] parameter in the email_vendor function or id parameter in the (2) download_project, (3) download_archive, or (4) remove_cat function.
CVE-2015-2275 EXPLOITDB text WORKING POC
WoltLab Community Gallery 2.0 - Stored Cross-Site Scripting via Image Title Parameter
Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy.
CVE-2015-1428 EXPLOITDB text WORKING POC
Sefrengo < 1.6.1 - SQL Injection via sefrengo Cookie or value_id Parameter
Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id parameter in a save_value action to backend/main.php.
CVE-2015-1518 EXPLOITDB text WORKING POC
redaxscript < 2.2.0 - SQL Injection via search_terms Parameter
SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.
CVE-2015-2564 EXPLOITDB text WRITEUP
ProjectSend r561 - Authenticated SQL Injection via ID Parameter
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.
CVE-2014-9464 EXPLOITDB text WORKING POC
Microweber CMS <20141209 - SQL Injection
SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable.
EIP-2026-105243 EXPLOITDB text WORKING POC
ArticleFR CMS 3.0.5 - Arbitrary File Upload
CVE-2015-1364 EXPLOITDB text WORKING POC
Free Reprintables ArticleFR <3.0.5 - SQL Injection
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/.