2032 matches found
Joomla AI Contact Safe 2.0.20 Shell Upload / SQL Injection
Exploit Title : Joomla comaicontactsafe Arbitrary File Upload / SQL injection Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:index.php?option=comaicontactsafe Software link : http://www.algisinfo.com/en/download/category/1-free-extensions.html Vendor Homepage : http://www.algisinfo.com/...
Simpla Admin 1.02 Shell Upload / SQL Injection
Exploit Title : Simpla Admin Single-adsID SQL Injection / Shell Upload Exploit Author : xBADGIRL21 Dork : intext:connexion "single-ads.php?ID=" or inurl:.single-ads.php?ID= Software link : https://themeforest.net/item/simpla-admin-flexible-user-friendly-admin-skin/46073 Category: Webapps Tested o...
Joomla SmartFormer 2.4.1 Shell Upload Vulnerability
Detects the installed version of Joomla Smartformer. The script detects the version of Joomla Smartformer component on remote host and tells whether it is vulnerable or not. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
Iranian Weblog Services 3.3 Cross Site Scripting / Shell Upload / SQL Injection
Document Title: =============== Iranian Weblog Services v3.3 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1862 CWE-89 CWE-79 CWE-264 http://cwe.mitre.org/data/definitions/89 http://cwe.mitre.org/data/definitions/79...
phpATM 1.32 (Windows) - Arbitrary File Upload Remote Command Execution
phpATM 1.32 Windows - Arbitrary File Upload Remote Command Execution ?php / Exploit Title : "phpATM = 1.32 Remote Command Execution Shell Upload on Windows Servers" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windo...
phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution
?php / Exploit Title : "phpATM = 1.32 Remote Command Execution Shell Upload on Windows Servers" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windows 10 with XAMPP PoF "phpATM is the acronym for PHP Advanced Transfer...
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
Exploit for php platform in category web applications ?php / Exploit Title : "phpATM = 1.32 Remote Command Execution Shell Upload on Windows Servers" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windows 10 with XAMP...
phpATM 1.32 Remote Command Execution / Shell Upload
?php / Exploit Title : "phpATM = 1.32 Remote Command Execution Shell Upload on Windows Servers" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windows 10 with XAMPP PoF "phpATM is the acronym for PHP Advanced Transfer...
Viart Shopping Cart 5.0 CSRF / Shell Upload
function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://localhost/admin/adminfmuploadfiles.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"; xhr.setRequestHeader"Accept-Language", "en-US,en;q=0.5";...
Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload
Exploit for php platform in category web applications function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://localhost/admin/adminfmuploadfiles.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8";...
Viart Shopping Cart 5.0 - Cross-Site Request Forgery Arbitrary File Upload
Viart Shopping Cart 5.0 - Cross-Site Request Forgery Arbitrary File Upload function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://localhost/admin/adminfmuploadfiles.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8";...
WordPress Levo-Slideshow 2.3 Shell Upload
Exploit Name: Wordpress Levo-Slideshow 2.3 Shell Upload by Unprivileged user Exploit Date: 5/6/2016 Author: Aaditya Purani Author Blog: https://aadityapurani.com Vendor: https://wordpress.org/plugins/wp-levoslideshow Version: 2.3 Tested on: Wordpress 4.5.2 Hi This is Aaditya Purani, Let's have lo...
FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload
FlatPress 1.0.3 CSRF Arbitrary File Upload RCE PoC function exec var command = document.getElementById"exec"; var url = "http://localhost/flatpress/fp-content/attachs/test.php?cmd="; var cmdexec = command.v...
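XYCMS Fitness Club Site-Building System v1.1 jsxm_detail.asp id Parameter SQL Injection Vulnerability
0x01 Vulnerability Overview The XYCMS fitness club site-building system uses an ASP + Access architecture. In version v1.1, /jsxmdetail.asp does not filter the id parameter strictly enough, resulting in a SQL injection vulnerability. 0x02 Vulnerability Details The system has a default administrator table, adminuser, which contains the administrator name field admin and the MD5-encrypted password field password; a remote attacker can use a union-based approach to obtain sensitive information, log in to the back end, and upload a shell. 0x03 Remediation Filtering....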
Mobilya Scripti 2 Shell Upload
Exploit Title: Mobilya Scripti v2 File Upload 2. Google Dork: intext:Lütfen sadece .doc yada .pdf uzantılı dosya gönderin. 3. Date: 10.4.2016 4. Exploit Author: [email protected] 5. Vendor Homepage: http://www.hazirscriptler.web.tr/mobilya-scripti-php-v2 6. Version: v2 7. Tested...
EduWind Online Education Site-Building System MeController.php Logic Flaw Can Lead to Shell Upload
No description provided by source...
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities
Administrator optionsModify Current Theme" or use site.com/members/console.php?cID=61. You can then insert the PHP code of your choosing into Footer. In order to add or edit code you are required to provide a special Admin Key that was defined during install. The key isn't needed as the check is...
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities Administrator optionsModify Current Theme" or use site.com/members/console.php?cID=61. You can then insert the PHP code of your choosing into Footer. In order to add or edit code you are required to provide a special Admin Key that was...
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities
Exploit for php platform in category web applications Administrator optionsModify Current Theme" or use site.com/members/console.php?cID=61. You can then insert the PHP code of your choosing into Footer. In order to add or edit code you are required to provide a special Admin Key that was defined...
JMX2 Email Tester - 'save_email.php' Arbitrary File Upload
Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link: https://github.com/johnfmorton/jmx2-Email-Tester/archive/master.zip Tested on: debian wheezy CVE : none...