-
Keypoints:
- /phpinfo --> got user name info "Shenzi"
- One useful tip for lab machines is to try out any useful keywords you’ve identified so far **to identify directories, usernames or passwords**…
-
Via email:
> Hello,
>
> Your plugin has had to be temporarily withdrawn from the WordPress.org Plugin Directory due to an exploit.
>
> Plugin Page: https://wordpress.org/plugins/saml-20-singl…
-
I only get this output:
[-] Checking arguments
[-] All arguments for exploiting target are set, beginning the first checks
[-] The remote FTP polyglot SVG/MSL file is reachable
…
-
```
I'm trying out your tool fimap and I'm trying it against a vulnerable Wordpress
plugin on the OWASP Broken Web Apps virtual machine:
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_…
-
Hello,
I am trying to get this exploit to work for a project, I created a basic Wordpress site using Local and upload version 1.3.7 of the backup migration plugin and activated it but I get this e…
-
In addition to listing out the Javascript version information to identify out of date versions (#96), is it possible to determine if there are any security issues for that javascript library?
@john…
-
## Вводная
В России несколько удивительная ситуация (мы про Битрикс преимущественно). В том плане, что проприетарные CMS, которые далеки от концепта "приятный читаемый и безопасный код", вкладываяс…
-
The plugin has been made unavailable on https://wordpress.org/plugins/event-list/ with the following reason "This plugin has been closed as of January 31, 2022 and is not available for download. Reaso…
-
Have you considering using meaningful file names for exploits rather than numbers?
eg
wordpress_download_plugin_1.4.5.csrf
rather than
99.csrf
It would be a lot easier to manage and search for t…
-
**Sasha and Svits**
- [x] Finish basic templates
- ~~finish the code~~
- ~~create patterns based on that code~~
- ~~insert patterns into templates~~
- [ ] Tests
- te…