liquidworm (346 exploits) - page 1 - Code Exploits Collection

Title	Author	Platform	Source	Description	Date
Wordpress Newsletter 3.2.6 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	Wordpress Newletter plugin version 3.2.6 suffers from a cross site scripting vulnerability.	May 14
WordPress Securimage 3.2.4 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	WordPress Securimage plugin version 3.2.4 suffers from a cross site scripting vulnerability.	May 10
Securimage 3.5 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	Securimage suffers from a cross site scripting issue in 'example_form.php' that uses the 'REQUEST_URI' variable. The vulnerability is present because there isn't any filtering to the mentioned variable in the affected script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.	May 9
CMSLogik 1.2.1 User Enumeration Weakness	LiquidWorm	na	zeroscience.mk	CMSLogik version 1.2.1 suffers from a user enumeration weakness vulnerability.	April 15
CMSLogik 1.2.1 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	CMSLogik version 1.2.1 suffers from multiple persistent cross site scripting vulnerabilities.	April 15
CMSLogik 1.2.1 Shell Upload	LiquidWorm	na	zeroscience.mk	CMSLogik version 1.2.1 remote shell upload exploit that leverages upload_file_ajax().	April 15
CMSLogik 1.2.1 - Multiple Vulnerabilities	LiquidWorm	php	exploit-db.com	!/usr/bin/python CMSLogik 1.2.1 (upload_file_ajax()) Shell Upload Exploit Vendor: ThemeLogik Product web page: http://www.themelogik.com/cmslogik Affected version: 1.2.1 and 1.2.0 Summary: CMSLogik is built on a solid & lightweight framework called CodeIgniter, and des	April 15
TP-Link TL-WR740N Wireless Router - Denial Of Service Exploit	LiquidWorm	hardware	exploit-db.com	!/usr/local/bin/perl TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.16.4 Build 130205 Rel.63875n (Released: 2/5/2013) - Har	March 22
TP-Link TL-WR740N Wireless Router Remote Denial Of Service	LiquidWorm	na	zeroscience.mk	The TP-Link WR740N Wireless N Router network device is exposed to a remote denial of service vulnerability when processing a HTTP request. This issue occurs when the web server (httpd) fails to handle a HTTP GET request over a given default TCP port 80. Sending a sequence of three dots (...) to the router will crash its httpd service denying the legitimate users access to the admin control panel management interface.	March 21
Qool CMS 2.0 RC2 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	Qool CMS version 2.0 RC2 suffers from multiple persistent cross site scripting vulnerabilities. The issues are triggered when input passed via several POST parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.	March 7
Qool CMS 2.0 RC2 Cross Site Request Forgery	LiquidWorm	na	zeroscience.mk	Qool CMS version 2.0 RC2 suffers from a cross site request forgery vulnerability. Proof of concept that adds a root user is included.	March 7
MTP Poll 1.0 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	MTP Poll version 1.0 suffers from multiple stored cross site scripting vulnerabilities.	February 25
MTP Image Gallery 1.0 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	MTP Image Gallery version 1.0 suffers from a stored cross site scripting vulnerability.	February 25
MTP Guestbook 1.0 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	MTP Guestbook version 1.0 suffers from multiple stored cross site scripting vulnerabilities.	February 25
OpenEMR 4.1.1 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	OpenEMR version 4.1.1 suffers from a cross site scripting vulnerability.	February 21

Older posts >>