WP Marketplace 2.4.0 Remote Code Execution (Add WP Admin)

___ ___ __ | Y .-----.----.--| .-----.----.-----.-----.-----. |. | | _ | _| _ | _ | _| -__|__ --|__ --| |. / \ |_____|__| |_____| __|__| |_____|_____|_____| |: | |__| |::.|:. | `--- ---' ___ ___ __ __ __ | Y .---.-.----| |--.-----| |_.-----| .---.-.----.-----. |. | _ | _| <| -__| _| _ | | _ | __| -__| |. \_/ |___._|__| |__|__|_____|____| __|__|___._|____|_____| |: | | |__| |::....

March 24, 2015 · 1 min · claudio

WordPress Video Gallery 2.7 SQL Injection

###################### # Exploit Title : WordPress Video Gallery 2.7 SQL Injection Vulnerabilitiy # Exploit Author : Claudio Viviani # Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery # Software Link : https://downloads.wordpress.org/plugin/contus-video-gallery.2.7.zip # Dork Google: inurl:/wp-admin/admin-ajax.php?action=rss # Date : 2015-02-10 # Tested on : Windows 7 / Mozilla Firefox Linux / Mozilla Firefox ###################### # Vulnerability Disclosure Timeline: 2015-02-08: Discovered vulnerability 2015-02-09: Vendor Notification 2015-02-10: Vendor Response/Feedback 2015-02-10: Vendor Send Fix/Patch 2015-02-10: Public Disclosure # Description Wordpress Video Gallery 2....

February 11, 2015 · 1 min · claudio

Come aggiornare VMware vCenter 5

OS: Windows 2008 R2 x64 vCenter Server: 5.0 Intro In questo articolo mostrerò come aggiornare VMware vCenter , in particolare dalla versione 5.0 alla 5.5U2. Il sistema operativo da dove effettuerò le operazione è Windows 2008 R2 x64. Requisiti Per aggiornare vCenter è necessario procurarsi la versione più aggiornata, per fare ciò basta loggarsi con il proprio account sul sito My VMware e cercare sotto la sezione Downloads -> All Products la parola chiave “VMware vCenter Server“....

January 2, 2015 · 2 min · claudio

WordPress Download Manager Remote Code Execution Vulnerability (Add WP Admin)

___ ___ __ | Y .-----.----.--| .-----.----.-----.-----.-----. |. | | _ | _| _ | _ | _| -__|__ --|__ --| |. / \ |_____|__| |_____| __|__| |_____|_____|_____| |: | ______ |__| __ __ |::.|:. | | _ \ .-----.--.--.--.-----| .-----.---.-.--| | `--- ---' |. | \| _ | | | | | | _ | _ | _ | |. | |_____|________|__|__|__|_____|___._|_____| |: 1 / ___ ___ |::.. ....

December 13, 2014 · 1 min · claudio

WordPress WP Symposium Shell Upload Vulnerability

___ ___ __ | Y .-----.----.--| .-----.----.-----.-----.-----. |. | | _ | _| _ | _ | _| -__|__ --|__ --| |. / \ |_____|__| |_____| __|__| |_____|_____|_____| |: | |__| |::.|:. | `--- ---' ___ ___ _______ _______ __ | Y | _ |______| _ .--.--.--------.-----.-----.-----|__.--.--.--------. |. | |. 1 |______| 1___| | | | _ | _ |__ --| | | | | |. / \ |. ____| |____ |___ |__|__|__| __|_____|_____|__|_____|__|__|__| |: |: | |: 1 |_____| |__| |::....

December 11, 2014 · 1 min · claudio