EDB-ID: 40206 Author: Julien Rentrop CVE: N/A Published: 2016-08-05 Type: webapps Platform: PHP Stored Cross-Site Scripting vulnerability in Count per Day WordPress Plugin Abstract A Cross-Site Scripting vulnerability was found in the Count per Da...
WordPress Advanced Custom Fields: Table Field 1.1.12 XSS
Details ================ Software: Advanced Custom Fields: Table Field Version: 1.1.12 Homepage: https://wordpress.org/plugins/advanced-custom-fields-table-field/ Advisory report: https://security.dxw.com/advisories/xss-in-advanced-custom-fields-table-field-could-allow-authenticated-users-to-do-almost-anything-an-ad...
wordpress添加统计信息的实现
- 2016-08-04
- WordPress
- 3009 阅读
1、首先,需要创建相关的函数。你可以把下面的代码粘贴到你所用主题的 functions.php 文件里。 //取得文章的阅读次数开始 function getPostViews($postID){ $count_key = 'post_views_count'; $count = get_post_meta($postID, $count_key, true); if($count==''){ delete_post_meta...
国外很棒的渗透测试资源集合
- 2016-07-24
- 安全工具
- 8079 阅读
一组很棒的渗透测试资源,网络安全工具包,包括工具、书籍、会议、杂志和其他的东西 渗透测试工具 Awesome Penetration Testing A collection of awesome penetration testing resources Online Resources Penetration Testing Resources Exploit development Social Engineering Resources Lock Picking Resources Tools Pe...
angel.php webshell
- 2015-10-26
- webshell
- 4287 阅读
PHP <?php /** * Created by uedbox.com. * User: hackgyj * Date: 15/10/27 * Time: 上午9:41 */ error_reporting( 7 ); @set_magic_quotes_runtime( 0 ); ob_start(); $mtime = explode( ' ', microtime() );...
site:github.com inurl:sftp-config.json intext:/wp-content/
- 2013-11-25 shdb
- 2145 阅读
Finds disclosed ftp FTP for WordPress installs, which have been pushed to a public repo on GitHub. Credit: RogueCoder
inurl:github.com intext:sftp-conf.json +intext:/wp-content/
- 2013-11-25 shdb
- 1876 阅读
Find FTP logins and full path disclosures pushed to github inurl:github.com intext:sftp-conf.json +intext:/wp-content/ -- RogueCoder
IE7/8/9 零日漏洞(附Exploit)
- 2012-09-20
- Vulndb
- 3053 阅读
Metasploit制造商HD Moore建议用户停用IE7、IE8和IE9,直到微软修复关键漏洞。 安全专家称,攻击者正在利用微软IE浏览器中的一个“零日”漏洞来攻击访问恶意或被感染的网站的Windows电脑。 微软称正在调查该漏洞的报告,但还没有确定修复该漏洞的时间表。 安全公司Rapid 7表示,IE7、IE8和IE9中未修复的漏洞可以在Windows XP、Vista和Windows ...
Mereo HTTP请求远程拒绝服务漏洞
- 2010-09-02
- Vulndb
- 2051 阅读
发布时间:2010-08-30 影响版本:Mereo v1.9.2 漏洞描述: Mereo是运行在Windows平台上的小型HTTP服务器。 远程攻击者可以通过向Mereo服务器发送恶意HTTP请求导致mereo.exe进程崩溃。 <*参考 CwG GeNiuS (cwggenius@gmail.com) *> 测试方法: 本站提供程序(...
