D2 Elliot Update 20150716 07.16.15
Changelog: Exploits - Added: E-409 - WordPress Creative Contact Form 0.9.7 File Upload E-443 - php_address_book authentication SQL injection E-444 - WordPress CP Multi View Event Calendar 1.1.4 SQL Injection E-445 - WordPress Simple Ads Manager File Upload E-446 - Drupal core 7.x SQL Injection E-447 - Wordpress Video Gallery 2.8 plugin SQL Injection E-448 - WordPress Traffic Analyzer 3.4.2 SQL Injection E-449 - WordPress Simple Ads Manager SQL Injection E-450 - WordPress Business Intelligence SQL Injection E-451 - WordPress SP Project & Document Manager 2.5.3 SQL Injection E-452 - WordPress WP Mobile Edition File Disclosure E-453 - WordPress Slider Revolution Responsive File Disclosure E-454 - WordPress UpdraftPlus Credentials Disclosure E-455 - WordPress Holding Pattern Theme 0.6 File Upload E-456 - WordPress Download Manager Privilege Escalation E-457 - WordPress NEX-Forms 3.0 SQL Injection E-458 - WordPress ReFlex Gallery File Upload E-459 - WordPress Work The Flow File Upload E-460 - WordPress Slider Revolution Responsive File Upload E-461 - WordPress Showbiz Pro Responsive Teaser File Upload E-462 - WordPress 3.5.1 Lightbox Plus RCE E-463 - PBBoard 3.0.1 email SQL Injection E-464 - WHMCS 5.2.7 SQL Injection E-465 - WordPress N-Media Website Contact Form with File Upload 1.3.4 File Upload E-466 - WeBid 1.1.1 File Upload E-467 - Novell ZENworks Configuration Management UploadServlet File Upload E-468 - Visual Mining NetCharts Server saveFile.jsp File Upload E-469 - WordPress WP EasyCart Privilege Escalation E-470 - Elasticsearch FD E-471 - Elasticsearch RCE E-472 - D-LINK Router Information Disclosure E-473 - Pirelli Router Information Disclosure E-474 - Asus Wireless-N Gigabit Router Information Disclosure E-475 - WordPress Cart66 Lite SQL Injection Workflows - Added: W-41 - Parser W3af W-42 - Elasticsearch modules bruteforcer W-43 - Router information gathering