CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2018/04/26 12:0 a.m.•39 views

HRSALE The Ultimate HRM 1.0.2 Cross Site Scripting

Exploit Title: HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross Site Scripting Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10259 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux...

5.6AI score0.01613EPSS

0day.today•added 2018/04/26 12:0 a.m.•86 views

HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross Site Scripting Exploit Author: 8bitsec CVE: CVE-2018-10259 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619...

5.6AI score0.01613EPSS

0day.today•added 2018/04/25 12:0 a.m.•42 views

Blog Master Pro v1.0 - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Blog Master Pro v1.0 - CSV Injection Exploit Author: 8bitsec CVE: CVE-2018-10255 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/blog-master-pro/21689781 Version: 1.0 Tested on: Kali Linux 2.0...

0.2AI score0.0719EPSS

Exploits4

exploitpack•added 2018/04/25 12:0 a.m.•32 views

HRSALE The Ultimate HRM 1.0.2 - award_id SQL Injection

HRSALE The Ultimate HRM 1.0.2 - awardid SQL Injection Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link:...

6.5CVSS0.1AI score0.02616EPSS

0day.today•added 2018/04/25 12:0 a.m.•53 views

Shopy Point of Sale v1.0 - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Shopy Point of Sale v1.0 - CSV Injection Exploit Author: 8bitsec CVE: CVE-2018-10258 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/shopy-point-of-sales/21730225 Version: 1.0 Tested on: Kali...

0.07553EPSS

Exploit DB•added 2018/04/25 12:0 a.m.•41 views

Blog Master Pro 1.0 - CSV Injection

Exploit Title: Blog Master Pro v1.0 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10255 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/blog-master-pro/21689781 Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.13 Release Date:...

8.8CVSS8.8AI score0.0719EPSS

Exploits4

Exploit DB•added 2018/04/25 12:0 a.m.•37 views

Shopy Point of Sale 1.0 - CSV Injection

Exploit Title: Shopy Point of Sale v1.0 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10258 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/shopy-point-of-sales/21730225 Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.13 Release Date...

8.8CVSS8.9AI score0.07553EPSS

Exploit DB•added 2018/04/25 12:0 a.m.•43 views

HRSALE The Ultimate HRM 1.0.2 - CSV Injection

Exploit Title: HRSALE The Ultimate HRM 1.0.2 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10257 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac OS 10.13...

8.8CVSS8.8AI score0.04389EPSS

Exploits4

Exploit DB•added 2018/04/25 12:0 a.m.•34 views

HRSALE The Ultimate HRM 1.0.2 - 'award_id' SQL Injection

Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...

8.8CVSS8.8AI score0.02616EPSS

Exploit DB•added 2018/04/25 12:0 a.m.•40 views

HRSALE The Ultimate HRM 1.0.2 - (Authenticated) Cross-Site Scripting

5.4CVSS5.6AI score0.01613EPSS

Exploit DB•added 2018/04/25 12:0 a.m.•28 views

HRSALE The Ultimate HRM 1.0.2 - Local File Inclusion

8.8CVSS8.8AI score0.05824EPSS

Packet Storm•added 2018/02/25 12:0 a.m.•29 views

Advance Loan Management System 2.4.2 Database Disclosure

========================================================================================================================================== | Title : Advance Loan Management System Version 2.4.2 database Disclosure Vulnerability | | Author : indoushka | | Telegram : @indoushka | | Tested on : Win ...

Joomla! Vulnerable Extensions List•added 2018/02/23 12:0 a.m.•44 views

Timetable Responsive Schedule, 1.6, SQL injection

Timetable Responsive Schedule For Joomla by QuanticaLabs, versions 1.6. and previous, SQL injection Resolution: update to 1.7 update notice: https://codecanyon.net/item/timetable-responsive-schedule-for-joomla/9749539item-descriptionupdates...

9.8CVSS1.6AI score0.20166EPSS

Exploits5References3Affected Software1

Packet Storm•added 2018/02/16 12:0 a.m.•23 views

TV Video Subscription SQL Injection

Exploit Title: TV - Video Subscription - Authentication Bypass Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/tv-video-subscription/13966427?srank=1677 Version: All version Category: Webapps CVE: N/A...

exploitpack•added 2018/02/16 12:0 a.m.•11 views

TV - Video Subscription - Authentication Bypass SQL Injection

TV - Video Subscription - Authentication Bypass SQL Injection Exploit Title: TV - Video Subscription - Authentication Bypass Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...

0.8AI score

0day.today•added 2018/02/14 12:0 a.m.•46 views

SOA School Management - access_login SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SOA - School Management Software with Integrated Parents/Students Portal & Mobile App - 'accesslogin' SQL Injection Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage:...

Packet Storm•added 2018/02/10 12:0 a.m.•38 views

WordPress Bookly Lite 13.2 Cross Site Scripting

In January I found a stored XSS in Bookly WP Plugin 10,000+ download for Lite version on official WordPress plugin site and 18,000+ for Pro version on CodeCanyon. Link of Bookly stored XSS proof-of-concept: https://www.gubello.me/blog/bookly-blind-stored-xss/ During the booking phase, an...

6.5AI score0.01001EPSS

Exploits2

Packet Storm•added 2018/02/02 12:0 a.m.•36 views

Advance Loan Management System 1.0 SQL Injection

Exploit Title: Advance Loan Management System - 'id' SQL Injection Date: 2018-01-31 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/advance-loan-management-system-with-savings-system-and-sms-notification/21283070 Version: 1.0 Tested on:...

0day.today•added 2018/02/02 12:0 a.m.•20 views

Event Manager 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Event Manager PHP Script 1.0 - SQL Injection Dork: N/A Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/eventmanager-php-script-admin-panel/21280741 Version: 1.0 Category: Webapps Tested on:...