March 3, 2017 Munir Njiru

Advisories

  1. Multiple XSS on Phproject || Fix (github)
  2. BOA Web Server 0.94.14 – Access to arbitrary files as privileges (CVE-2017-9883) ||  Exploit (github)
  3. WordPress Plugin Membership Simplified v1.58 – Arbitrary File Download (CVE-2017-1002008) || Exploit (ExploitDB) Exploit (github) Exploit (CXSecurity) , Exploit (0day.today)
  4. WordPress Plugin mobile-friendly-app-builder-by-easytouch v3.0 (CVE-2017-1002000) || Exploit (github),   Exploit (ExploitDB)Exploit (CXSecurity)
  5. WordPress Plugin mobile-app-builder-by-wappress v1.05 CVE-2017-1002001) || Exploit (github),   Exploit (ExploitDB)Exploit (CXSecurity)
  6. WordPress Plugin webapp-builder v2.0 (CVE-2017-1002002) || Exploit (github),   Exploit (ExploitDB)Exploit (CXSecurity)
  7. WordPress Plugin wp2android-turn-wp-site-into-android-app v1.1.4 (CVE-2017-1002003) || Exploit (github),   Exploit (ExploitDB)Exploit (CXSecurity)
  8. Zen App Mobile Native <=3.0 (CVE-2017-6104) || Exploit (github),   Exploit (ExploitDB)Exploit (CXSecurity)
  9. WordPress 4.7 User Enumeration (CVE 2017-5487) || Exploit (github)Exploit (CXSecurity)
  10. WordPress Aspose Cloud eBook Generator File Download Vulnerability || Exploit (github)
  11. WordPress WP User Frontend Plugin [Unrestricted File Upload] || Exploit (github)
  12. Apache Byte Range Server DoS (CVE-2011-3192) || Exploit (github)
  13. LibLime Koha <= 4.2 – Local File Inclusion Vulnerability (CVE-2011-4715) || Exploit (github)

Leave a Reply

Your email address will not be published. Required fields are marked *