Skip to content

Instantly share code, notes, and snippets.

B0UG

Block or report user

Report or block B0UG

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@B0UG
B0UG / Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
Created Feb 13, 2019
Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
View Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
# Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
# Date: 2018-12-28
# Exploit Author: B0UG
# Vendor Homepage: https://wpbookingcalendar.com/
# Software Link: https://wordpress.org/plugins/booking/
# Version: Tested on version 8.4.3 (older versions may also be affected)
# Tested on: WordPress
# Category : Webapps
# CVE: CVE-2018-20556
@B0UG
B0UG / gist:68d3161af0c0ec85c615ca7452f9755e
Created Jun 7, 2018
Booking Calendar by WpDevArt - Unauthenticated Parameter Manipulation
View gist:68d3161af0c0ec85c615ca7452f9755e
# Exploit Title: Booking Calendar by WpDevArt - Unauthenticated Parameter Manipulation
# Date: 25/04/2018
# Exploit Author: B0UG
# Vendor Homepage: https://wpdevart.com/wordpress-booking-calendar-plugin/
# Software Link: https://wordpress.org/plugins/booking-calendar/
# Version: Tested on version 2.2.2 (Older versions may be affected)
# Tested on: WordPress
# Category : Webapps
# CVE: CVE-2018-10363
@B0UG
B0UG / gist:8615df3fe83a4deca07334af783696d6
Created May 1, 2018
WF Cookie Consent - Authenticated Persistent Cross-Site Scripting
View gist:8615df3fe83a4deca07334af783696d6
# Exploit Title: WF Cookie Consent - Authenticated Persistent Cross-Site Scripting
# Date: 23/04/2018
# Exploit Author: B0UG
# Vendor Homepage: http://www.wunderfarm.com/
# Software Link: https://en-gb.wordpress.org/plugins/wf-cookie-consent/
# Version: Tested on version 1.1.3 (older versions may also be affected)
# Tested on: WordPress
# Category : Webapps
# CVE: CVE-2018-10371
@B0UG
B0UG / gist:f0cfb356e23be3cd6ebea69566d6100a
Created Apr 25, 2018
Responsive Cookie Consent - Authenticated Persistent Cross-Site Scripting
View gist:f0cfb356e23be3cd6ebea69566d6100a
# Exploit Title: Responsive Cookie Consent - Authenticated Persistent Cross-Site Scripting
# Date: 20/04/2018
# Exploit Author: B0UG
# Vendor Homepage: http://www.jameskoussertari.co.uk/
# Software Link: https://en-gb.wordpress.org/plugins/responsive-cookie-consent/
# Version: Tested on version 1.5, 1.6 and 1.7 (older versions may also be affected)
# Tested on: WordPress
# Category : Webapps
# CVE: CVE-2018-10309
@B0UG
B0UG / gist:9732614abccaf2893c352d14c822d07b
Created Apr 25, 2018
UK Cookie Consent - Authenticated Persistent Cross-Site Scripting
View gist:9732614abccaf2893c352d14c822d07b
# Exploit Title: UK Cookie Consent - Authenticated Persistent Cross-Site Scripting
# Date: 22/04/2018
# Exploit Author: B0UG
# Vendor Homepage: https://catapultthemes.com/
# Software Link: https://en-gb.wordpress.org/plugins/uk-cookie-consent/#description
# Version: Tested on version 2.3.9 (older versions may also be affected)
# Tested on: WordPress
# Category : Webapps
# CVE: CVE-2018-10310
You can’t perform that action at this time.