D2 Elliot Update 20150716 07.16.15


Changelog:

Exploits - Added:
 E-409 - WordPress Creative Contact Form 0.9.7 File Upload
 E-443 - php_address_book authentication SQL injection
 E-444 - WordPress CP Multi View Event Calendar 1.1.4 SQL Injection
 E-445 - WordPress Simple Ads Manager File Upload
 E-446 - Drupal core 7.x SQL Injection
 E-447 - Wordpress Video Gallery 2.8 plugin SQL Injection
 E-448 - WordPress Traffic Analyzer 3.4.2 SQL Injection
 E-449 - WordPress Simple Ads Manager SQL Injection
 E-450 - WordPress Business Intelligence SQL Injection
 E-451 - WordPress SP Project & Document Manager 2.5.3 SQL Injection
 E-452 - WordPress WP Mobile Edition File Disclosure
 E-453 - WordPress Slider Revolution Responsive File Disclosure
 E-454 - WordPress UpdraftPlus Credentials Disclosure
 E-455 - WordPress Holding Pattern Theme 0.6 File Upload
 E-456 - WordPress Download Manager Privilege Escalation
 E-457 - WordPress NEX-Forms 3.0 SQL Injection
 E-458 - WordPress ReFlex Gallery File Upload
 E-459 - WordPress Work The Flow File Upload
 E-460 - WordPress Slider Revolution Responsive File Upload
 E-461 - WordPress Showbiz Pro Responsive Teaser File Upload
 E-462 - WordPress 3.5.1 Lightbox Plus RCE
 E-463 - PBBoard 3.0.1 email SQL Injection
 E-464 - WHMCS 5.2.7 SQL Injection
 E-465 - WordPress N-Media Website Contact Form with File Upload 1.3.4 File Upload
 E-466 - WeBid 1.1.1 File Upload
 E-467 - Novell ZENworks Configuration Management UploadServlet File Upload
 E-468 - Visual Mining NetCharts Server saveFile.jsp File Upload
 E-469 - WordPress WP EasyCart Privilege Escalation
 E-470 - Elasticsearch FD
 E-471 - Elasticsearch RCE
 E-472 - D-LINK Router Information Disclosure
 E-473 - Pirelli Router Information Disclosure
 E-474 - Asus Wireless-N Gigabit Router Information Disclosure
 E-475 - WordPress Cart66 Lite SQL Injection

Workflows - Added:
 W-41 - Parser W3af
 W-42 - Elasticsearch modules bruteforcer
 W-43 - Router information gathering
  			

Back to Updates

Share :   Facebook   Twitter   Google+