Joaquin Ramirez Martinez

21 exploits
Active since Nov 2014
CVE-2016-20084 EXPLOITDB HIGH text WORKING POC
WordPress appointment-booking-calendar 1.1.24 Privilege Escalation XSS
WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface.
CVSS 7.2
CVE-2016-20075 EXPLOITDB HIGH text WRITEUP
WordPress Ultimate Product Catalog 3.8.6 Arbitrary File Upload RCE
WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the Products tab custom file field and access them via the upcp-product-file-uploads directory to execute arbitrary code on the server.
CVSS 8.8
CVE-2016-20070 EXPLOITDB MEDIUM text WORKING POC
WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS
WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities: because the plugin fails to verify user privileges and sanitize input parameters, authenticated users can modify plugin options and inject malicious scripts. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via the admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers.
CVSS 6.4
CVE-2016-20069 EXPLOITDB HIGH text WORKING POC
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information.
CVSS 8.2
CVE-2016-20068 EXPLOITDB HIGH text WORKING POC
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to 'dex_bccf_calendar_ajaxevent' and supply crafted SQL commands in the 'id' parameter to extract sensitive database information.
CVSS 8.2
CVE-2016-20067 EXPLOITDB MEDIUM text WORKING POC
WordPress CP Polls 1.0.8 Cross-Site Request Forgery
WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in.
CVSS 4.3
CVE-2016-20066 EXPLOITDB HIGH text WORKING POC
WordPress CP Polls 1.0.8 Persistent Cross-Site Scripting
WordPress CP Polls 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unsanitized file upload functionality. Attackers can upload files containing script payloads with event handlers like onerror attributes to execute arbitrary JavaScript in the browsers of users viewing the affected content.
CVSS 7.2
CVE-2014-8586 METASPLOIT ruby SCANNER
CP Multi View Event Calendar 1.01 - SQL Injection via calid Parameter
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter.
EIP-2026-114136 EXPLOITDB html WORKING POC
WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation
EIP-2026-114138 EXPLOITDB text WORKING POC
WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection
EIP-2026-113814 EXPLOITDB text WORKING POC
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
EIP-2026-113599 EXPLOITDB text WRITEUP
WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities
EIP-2026-113601 EXPLOITDB text WRITEUP
WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection
EIP-2026-113602 EXPLOITDB text WORKING POC
WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection
EIP-2026-113603 EXPLOITDB text WRITEUP
WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection
CVE-2015-6965 EXPLOITDB html WORKING POC
Contact Form Generator < 2.0.1 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php.
EIP-2026-113666 EXPLOITDB text WORKING POC
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download
EIP-2026-113667 EXPLOITDB text WRITEUP
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection
CVE-2015-7235 EXPLOITDB text WRITEUP
CP Reservation Calendar < 1.1.6 - SQL Injection via dex_reservations.php Parameters
Multiple SQL injection vulnerabilities in dex_reservations.php in the CP Reservation Calendar plugin before 1.1.7 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a dex_reservations_calendar_load2 action or (2) dex_item parameter in a dex_reservations_check_posted_data action in a request to the default URI.
EIP-2026-113669 EXPLOITDB text WRITEUP
WordPress Plugin cp-multi-view-calendar 1.1.4 - SQL Injection
EIP-2026-110406 EXPLOITDB python WORKING POC
osTicket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting