[FD] ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities

2015-04-05 Thread Jing Wang
*ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities* Exploit Title: ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities Vendor: ECE Projektmanagement G.m.b.H. Co. KG (ECE) Product: ECE Projects Vulnerable Versions: Tested Version: Advisory Publication: April 01, 2015

[FD] Wordpress plugin Simple Ads Manager - Arbitrary File Upload

2015-04-05 Thread ITAS Team
#Vulnerability title: Wordpress plugin Simple Ads Manager - Arbitrary File Upload #Product: Wordpress plugin Simple Ads Manager #Vendor: https://profiles.wordpress.org/minimus/ #Affected version: Simple Ads Manager 2.5.94 #Download link: https://wordpress.org/plugins/simple-ads-manager/ #CVE ID:

[FD] Wordpress plugin Simple Ads Manager - SQL Injection

2015-04-05 Thread ITAS Team
#Vulnerability title: Wordpress plugin Simple Ads Manager - SQL Injection #Product: Wordpress plugin Simple Ads Manager #Vendor: https://profiles.wordpress.org/minimus/ #Affected version: Simple Ads Manager 2.5.94 and 2.5.96 #Download link: https://wordpress.org/plugins/simple-ads-manager/ #CVE

[FD] Wordpress plugin Simple Ads Manager - Information Disclosure

2015-04-05 Thread ITAS Team
#Vulnerability title: Wordpress plugin Simple Ads Manager - Information Disclosure #Product: Wordpress plugin Simple Ads Manager #Vendor: https://profiles.wordpress.org/minimus/ #Affected version: Simple Ads Manager 2.5.94 and 2.5.96 #Download link:

[FD] Multiple SQL Injection

2015-04-05 Thread ITAS Team
#Vulnerability title: Wordpress plugin Simple Ads Manager - Multiple SQL Injection #Product: Wordpress plugin Simple Ads Manager #Vendor: https://profiles.wordpress.org/minimus/ #Affected version: Simple Ads Manager 2.5.94 and 2.5.96 #Download link:

[FD] 6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities

2015-04-05 Thread Jing Wang
*6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities* Exploit Title: 6kbbs XSS (Cross-site Scripting) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest Update: April 02, 2015

[FD] phpSFP - Schedule Facebook Posts 1.5.6 Pre-auth SQL Injection (0-day)

2015-04-05 Thread Pichaya Morimoto
## # _ ___ _ _ _ _ # | | / _ \| \ | |/ ___|/ ___| / \|_ _| # | | | | | | \| | | _| | / _ \ | | # | |__| |_| | |\ | |_| | |___ / ___ \| | # |_\___/|_| \_|\|\/_/ \_\_| # #