pro(re)gress

www.snaplife.it vulnerable/unpatched 4.8 wordpress, vulnerable/unpatched theme, path disclosure.

wordpress 4.8.1 vulnerable (zero day) twentyfifteen theme xss twentyfifteen path disclosure sample: http://www.cittaspettacolo.it/2017/wp/wp-content/themes/twentyfifteen/ /web/htdocs/www.cittaspettacolo.it/home/2017/wp

Contact Form version 7 Wordpress 4.8 - rest api content injection exploit. Wordpress <=4.8.2 SQL Injection

https://www.aslbenevento1.it/cupweb/ https://service.sanita.padova.it/cittadino/ https://lpweb.asl3.liguria.it/cupweb/ https://cup.ospedalerc.it/cupwebrc/mainLogin.do | error with ldap Ver. 20.11.00_003 28/04/17 a' or '1'='1 in username and password to access as SGPWeb Operatore if we raise an error errore di accesso al Data Base: ORA-01756: quoted string not properly terminated : SELECT password,description,user_code,connectingdate,users.sco_id from   ----2021-11-05---- There is still an XSS in the login (It's not a big issue).

A simple sql injection is needed to login with *any* user example: ' or '1'='1. https://rousseau.movimento5stelle.it/login.php Sql injection where sharing_id is a table in the group by clause. https://rousseau.movimento5stelle.it/edit_atto.php?id=1258&sharing_id=[sqli] http://www.beppegrillo.it/marcia_virtuale/vmarcia/auslesen.php?start=14040&z=[sqli] "Fixed" - Update 09/08/2017:  Hanno rimosso da BeppeGrillo.it la pagina "Marcia virtuale" e il file PHP che riportava i dati in chiaro ( https://t.co/3FeUPiHQ8E ) pic.twitter.com/8abp2ItTxa — David Puente (@DavidPuente) 9 agosto 2017 I found accidentaly (august 2018) an archived page (I didn't archived it!) that is showing sensitive informations without an SQLi. Probably the page was tampered by someone or the script itself didn't work correctly. https://archive.li/cmKkC - sample for the voting system: voting_votazioni voting_votazioni_vote The main website als