MyBuilder Clone 1.0 - 'subcategory' SQL Injection

Exploit Title: MyBuilder Clone 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.contractorscripts.com/ Software Link: http://order.contractorscripts.com/ Demo: http://demo.contractorscripts.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

FS Trademe Clone SQL Injection

Exploit Title: FS Trademe Clone - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/trademe-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...

FS Crowdfunding Script SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: FS Crowdfunding Script - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/crowdfunding-script/ Version: 24 October 17 Test...

FS OLX Clone - catg_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: FS OLX Clone - SQL Injection Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/olx-clone/ Version: 23 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6...

FS Groupon Clone - category SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: FS Groupon Clone - SQL Injection Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/groupon-clone/ Version: 23 October 17 Tested on: Kali Linux 2.0 | Mac OS...

FS Monster Clone - id SQL Injection

FS Monster Clone - id SQL Injection Exploit Title: FS Monster Clone - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/monster-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS...

FS Care Clone - sitterService SQL Injection

FS Care Clone - sitterService SQL Injection Exploit Title: FS Care Clone - 'sitterService' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/care-clone/ Version: 24 October 17 Tested on: Kali Linux...

FS Thumbtack Clone - ser SQL Injection

FS Thumbtack Clone - ser SQL Injection Exploit Title: FS Thumbtack Clone - 'ser' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/thumbtack-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 ...

FS Realtor Clone - id SQL Injection

FS Realtor Clone - id SQL Injection Exploit Title: FS Realtor Clone - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/realtor-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS...

FS Monster Clone - 'id' SQL Injection

Exploit Title: FS Monster Clone - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/monster-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...

FS OLX Clone - catg_id SQL Injection

FS OLX Clone - catgid SQL Injection Exploit Title: FS OLX Clone - SQL Injection Date: 2017-10-23 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/olx-clone/ Version: 23 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Emai...

FS Car Rental Script - pickup_location SQL Injection

FS Car Rental Script - pickuplocation SQL Injection Exploit Title: FS Car Rental Script - SQL Injection Date: 2017-10-23 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/car-rental-script/ Version: 23 October 17 Tested on: Kali...

FS Freelancer Clone - 'sk' SQL Injection

Exploit Title: FS Freelancer Clone - SQL Injection Date: 2017-10-23 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/freelancer-clone/ Version: 23 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...

E-Sic Software livre CMS - f Parameter SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: E-Sic Software livre CMS - Sql Injection Exploit Author: Elber Tavares fireshellsecurity.team/ Vendor Homepage: https://softwarepublico.gov.br/ Version: 1.0 Tested on: kali linux, windows 7, 8.1, 10 - Firefox Download...

Vendor BPC Silent on Patching SQL Injection in SmartVista Ecommerce Software

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor. BPC Banking Technologies of Switzerland has not acknowledged the vulnerability in its SmartVista suite of ecommerce and financial...

ClipShare 7.0 SQL Injection

Exploit Title: ClipShare v7.0 - SQL Injection Date: 2017-10-09 Exploit Author: 8bitsec Vendor Homepage: http://www.clip-share.com/ Software Link: http://www.clip-share.com/ Version: 7.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected] Contact: https://twitter.com/8bitsec Relea...

XCat - Automate XPath Injection Attacks to Retrieve Documents

XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query, read arbitrary files on the hosts filesystem and utilize out of bound HTTP requests to make the...

PHP Multi Vendor Script 1.02 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Multi Vendor Script v1.02 - 'sid' Parameter SQL Injection Date: 2017-09-28 Exploit Author: 8bitsec Vendor Homepage: http://www.dexteritysolution.com/ Software Link:...

Real Estate MLM Plan Script 1.0 SQL Injection

Exploit Title: Real Estate MLM plan script v1.0 - 'srch' Parameter SQL Injection Date: 2017-09-28 Exploit Author: 8bitsec Vendor Homepage: http://www.mlmscript.in/ Software Link: http://www.mlmscript.in/real-estate-mlm-script.html Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email:...

Article Directory Script 3.0 SQL Injection

Exploit Title: Article Directory Script 3.0 - SQL Injection Dork: N/A Date: 29.09.2017 Vendor Homepage: http://www.yourarticlesdirectory.com/ Software Link: http://www.yourarticlesdirectory.com/ Demo: http://www.yourarticlesdirectory.com/livedemo.php Version: 3.0 Category: Webapps Tested on:...