Posted by crashenator on Aug 16
CERT ID – VU#520504 (pending since 2015)
Product – php-gettext
Company – Danilo Segan
Name – php-gettext php code execution
Versions – <1.0.12
Patched – 11/11/2015
Ref: https://launchpad.net/php-gettext/trunk/1.0.12
Vulnerability – “code injection into the ngettext family of calls:
evaluating the plural form formula can execute arbitrary code if number
is passed unsanitized from the untrusted user.”
Description –
In 1.0.11 and…
Posted by Andrew Klaus on Aug 16
### Device Details
Vendor: Actiontec (Telus Branded, but may work on others)
Model: T2200H (but likely affecting other similar models of theirs)
Affected Firmware: T2200H-31.128L.03
Device Manual: http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manual.pdf
Reported: November 2015
Status: Fixed on newly pushed firmware version
CVE: Not needed since update is pushed by the provider.
The Telus Actiontec T2200H is Telus’…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin
————————————————————————
Burak Kelebek, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin
————————————————————————
Burak Kelebek, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Cross-Site Scripting in Link Library WordPress Plugin
————————————————————————
Burak Kelebek, July 2016
————————————————————————
Abstract
————————————————————————
A Reflected Cross-Site Scripting (XSS) vulnerability has been found…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Ajax Load More Local File Inclusion vulnerability
————————————————————————
Burak Kelebek, July 2016
————————————————————————
Abstract
————————————————————————
It was discovered that the Ajax Load More WordPress plugin is vulnerable…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Cross-Site Scripting/Cross-Site Request Forgery in Peter’s Login
Redirect WordPress Plugin
————————————————————————
Yorick Koster, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Cross-Site Request Forgery vulnerability in Email Users WordPress Plugin
————————————————————————
Julien Rentrop, July 2016
————————————————————————
Abstract
————————————————————————
It was found that the Email Users WordPress…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Cross-Site Scripting vulnerability in Google Maps WordPress Plugin
————————————————————————
Julien Rentrop, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the…
Posted by Summer of Pwnage on Aug 15
————————————————————————
Stored Cross-Site Scripting vulnerability in Photo Gallery WordPress
Plugin
————————————————————————
Umit Aksu, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in…