2032 matches found
Joomla! -- multiple vulnerabilities
The JSST and the Joomla! Security Center report: 20161201 - Core - Elevated Privileges. Incorrect use of unfiltered data stored to the session on a form validation failure allows for existing user accounts to be modified; to include resetting their username, password, and user group assignments...
Lepton 2.2.2 Stable Shell Upload
Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: Code Execution Remote Exploitable: Yes...
[20161202] - Core - Shell Upload
Inadequate filesystem checks allowed files with alternative PHP file extensions to be uploaded...
PizzaInn Beta 3 specials-exec.php Shell Upload
Exploit Title : PizzaInn Restaurant Scripti Beta v3 - specials-exec.php - Shell Upload. Author : Nassim Asrir Author Company : HenceForth Author Email : [email protected] Google Dork :...
CNDSOFT 2.3 Cross Site Request Forgery / Shell Upload
Exploit Title: CNDSOFT 2.3 - Arbitrary File Upload with CSRF shell.php Author: Besim Google Dork: - Date: 19/10/2016 Type: webapps Platform : PHP Vendor Homepage: - Software Link:...
PizzaInn Beta 3 specials-exec.php Shell Upload Exploit
Exploit for php platform in category web applications Exploit Title : PizzaInn Restaurant Scripti Beta v3 - specials-exec.php - Shell Upload. Author : Nassim Asrir Author Company : HenceForth Author Email...
CloudShare 1.6 Shell Upload
| Title : CloudShare v1.6 Shell upload vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 Français V.Pro | Version : v1.6 | Vendor :...
Joomla com_aicontactsafe Arbitrary File Upload / SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title : Joomla comaicontactsafe Arbitrary File Upload / SQL injection Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:index.php?option=comaicontactsafe Software link :...
Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:/wp-content/plugins/Tevolution/tmplconnector Vendor Homepage : https://templatic.com/ version : 2.3.1 Tested on:...
Simpla Admin Single-adsID SQL Injection / Shell Upload Vulnerabilities
Exploit for php platform in category web applications Exploit Title : Simpla Admin Single-adsID SQL Injection / Shell Upload Exploit Author : xBADGIRL21 Dork : intext:connexion "single-ads.php?ID=" or inurl:.single-ads.php?ID= Software link :...
Bezaat Script V2 Arbitrary Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title : Bezaat Script V2 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork 1 : index of /SystemImagesads/ Dork 2 : Powed by Greenit Egypt for Information Technology Vendor Homepage :...
Wordpress plugin bordeaux theme upload shell vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An upload vulnerability exists in the WordPress plugin bordeaux theme, which can be exploited by an attacker ...
Bezaat Script 2 Shell Upload
Exploit Title : Bezaat Script V2 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork 1 : index of /SystemImagesads/ Dork 2 : Powed by Greenit Egypt for Information Technology Vendor Homepage : http://greenitegypt.net/products.php?catid=1 Tested on: BACKBOX MyBlog :...
HelpDeskZ 1.0.2 unauthorized Shell upload
No description provided by source. ''' Exploit Title: HelpDeskZ /submitticketcontroller.php - Line 141 $filename = md5($_FILES['attachment']['name'].time()).".".$ext; So by guessing the time the file was uploaded, we can get RCE. Steps to reproduce:...
HelpDeskZ 1.0.2 - Arbitrary File Upload
''' Updated Exploit Provided by Drew Griess Exploit Title: HelpDeskZ = v1.0.2 - Unauthenticated Shell Upload Google Dork: intextHelp Desk Software by HelpDeskZ Date: 2016-08-26 Exploit Author: Lars Morgenroth - @krankoPwnz Vendor Homepage: http://www.helpdeskz.com Software Link...
HelpDeskZ 1.0.2 - Arbitrary File Upload
HelpDeskZ 1.0.2 - Arbitrary File Upload ''' Updated Exploit Provided by Drew Griess Exploit Title: HelpDeskZ = v1.0.2 - Unauthenticated Shell Upload Google Dork: intextHelp Desk Software by HelpDeskZ Date: 2016-08-26 Exploit Author: Lars Morgenroth - @krankoPwnz Vendor Homepage: http://www.helpdeskz.com...
HelpDeskZ 1.0.2 - Unauthenticated Arbitrary File Upload
Exploit for php platform in category web applications ''' Exploit Title: HelpDeskZ /submitticketcontroller.php - Line 141 $filename = md5($_FILES['attachment']['name'].time()).".".$ext; So by guessing the time the file was uploaded, we can get RCE. Steps to reproduce:...
HelpDeskz 1.0.2 Shell Upload
Exploit Title: HelpDeskZ /submitticketcontroller.php - Line 141 $filename = md5($_FILES['attachment']['name'].time()).".".$ext; So by guessing the time the file was uploaded, we can get RCE. Steps to reproduce: http://localhost/helpdeskz/?v=submitticket&action=displayForm Enter anything in the mandatory...
WordPress Tevolution 2.3.1 Shell Upload
Exploit Title : Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:/wp-content/plugins/Tevolution/tmplconnector Vendor Homepage : https://templatic.com/ version : 2.3.1 Tested on: BackBox skype:xbadgirl21 Date: 15/08/2016 video Proof :...
Joomla Weblinks Shell Upload
Exploit Title : Joomla comweblinks Shell Upload Vulnerability Exploit Author : howucan Website : http://howucan.gr Dork : allinurl:/index.php?option ename jformdescription asset=comweblinks Software link : http://extensions.joomla.org/extensions/extension/official-extensions/weblinks Tested on:...