Lucene search
K

13 matches found

seebug.org
seebug.org
added 2016/11/22 12:0 a.m.14 views

Dolphin 7.3.2 authentication bypass and command execution vulnerabilities

No description provided by source. !/usr/bin/env python -- coding: utf-8 -- ''' Software : Dolphin = 7.3.2 Auth bypass / RCE exploit Vendor : www.boonex.com Author : Ahmed sultan 0x4148 Home : 0x4148.com | https://www.linkedin.com/in/0x4148 Email : [email protected] Auth bypass trick credit go to...

7.1AI score
Exploits0
0day.today
0day.today
added 2016/11/16 12:0 a.m.21 views

CS-Cart 4.3.10 - XML External Entity Injection Vulnerability

Exploit for php platform in category web applications Software : CS-Cart Ahmed sultan 0x4148 "; echo rawurlencodebase64encode$xml; ? change YOURHOST to your server address , use the output in the following POST request Action - HOST/cs-cart/index.php?dispatch=twigmo.post Data -...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/16 12:0 a.m.31 views

CS-Cart 4.3.10 - XML External Entity Injection

Software : CS-Cart Ahmed sultan 0x4148 "; echo rawurlencodebase64encode$xml; ? change YOURHOST to your server address , use the output in the following POST request Action - HOST/cs-cart/index.php?dispatch=twigmo.post Data - action=addtocart&data=DATAOUTPUTHERE&format=xml a GET request will be se...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/14 12:0 a.m.27 views

Boonex Dolphin 7.3.2 - Authentication Bypass Remote Code Execution

Boonex Dolphin 7.3.2 - Authentication Bypass Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- ''' Software : Dolphin = 7.3.2 Auth bypass / RCE exploit Vendor : www.boonex.com Author : Ahmed sultan 0x4148 Home : 0x4148.com | https://www.linkedin.com/in/0x4148 Email : [email protected]...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/14 12:0 a.m.39 views

Schoolhos CMS 2.29 Remote Code Execution / SQL Injection

\x0d\x0a-----------------------------26518470919255\x0d\x0a\x0d\x0a' \ 'http://HOST/PATH/elearningku/proses.php?pilih=guru&untukdi=upload' php file can be ccessed...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2016/11/13 12:0 a.m.29 views

Schoolhos CMS 2.29 - Remote Code Execution SQL Injection

Schoolhos CMS 2.29 - Remote Code Execution SQL Injection \x0d\x0a-----------------------------26518470919255\x0d\x0a\x0d\x0a' \ 'http://HOST/PATH/elearningku/proses.php?pilih=guru&untukdi=upload'...

0.7AI score
Exploits0
0day.today
0day.today
added 2016/11/11 12:0 a.m.55 views

4Images 1.7.13 - SQL Injection Vulnerability

Exploit for php platform in category web applications vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/10 12:0 a.m.41 views

4images 1.7.13 SQL Injection

vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET /lab/4images1.7.13/4images/admin/validateimages.php?action=validateimages&orderby=extractvalue1,concat0x7e,version&direction=ASC&limitnumber=1...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2016/08/19 12:0 a.m.15 views

tcPbX - tcpbx_lang Local File Inclusion

tcPbX - tcpbxlang Local File Inclusion Vulnerable hardware : tcpbx voip distro Vendor : www.tcpbx.org Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , tcPbX is a complete and functional VoIP phone system based on Asterisk open source software and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/19 12:0 a.m.73 views

ZYCOO IP Phone System - Remote Command Execution

Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunication in SMB Small and Medium-sized Business market...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/08/19 12:0 a.m.28 views

ZYCOO IP Phone System - Remote Command Execution

ZYCOO IP Phone System - Remote Command Execution Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunicatio...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/01/06 12:0 a.m.48 views

MediaAccess TG788vn - Unauthenticated File Disclosure

Exploit for hardware platform in category web applications Vulnerable hardware : MediaAccess TG788vn with Cisco http firewall Author : Ahmed Sultan 0x4148 Email : email protected MediaAccess TG788vn with Cisco firewall http config is vulnerable to critical unauthenticated file disclosure flaw, PO...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/01/06 12:0 a.m.34 views

MediaAccess TG788vn - File Disclosure

Vulnerable hardware : MediaAccess TG788vn with Cisco http firewall Author : Ahmed Sultan 0x4148 Email : [email protected] MediaAccess TG788vn with Cisco firewall http config is vulnerable to critical unauthenticated file disclosure flaw, POC Request: POST /scgi-bin/platform.cgi HTTP/1.1 Host:...

7.4AI score
Exploits0
Rows per page
Query Builder