Seowon 130-SLC router - (queriesCnt) Remote Code Execution (Unauthenticated) Vulnerability

Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: All Version...

Lyrist - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Lyrist - Music Lyrics Script - SQL Injection Exploit Author: Meisam Monsef - email protected - @meisamrce Vendor Homepage: https://www.codester.com/items/7250/lyrist-music-lyrics-script Version: All Version Exploit :...

Internet Download Manager - Find Download Crash (PoC)

Internet Download Manager - Find Download Crash PoC !/⁠usr/⁠bin/⁠env python Title : Internet Download Manager -⁠ Crash Proof Of Concept Affected Versions: All Version Founder : InternetDownloadManager Tested on Windows 7 /⁠ Server 2008 Author : Mohammad Reza Espargham Linkedin :...

Internet Download Manager - Find Download Crash (PoC)

!/⁠usr/⁠bin/⁠env python Title : Internet Download Manager -⁠ Crash Proof Of Concept Affected Versions: All Version Founder : InternetDownloadManager Tested on Windows 7 /⁠ Server 2008 Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-⁠Mail : meatrezadotes ,...

WordPress Pie Register 2.0.14 Cross Site Scripting

+Title: Wordpress Pie Register Plugin 2.0.14 - XSS Vulnerability +Author: TUNISIAN CYBER +Date: 09/03/2015 +Type:WebApp +Risk:High +Affected Version:All +Overview: Pie Register 2.x suffers, from an XSS vulnerability. +Proof Of Concept: PHP global $pieregdirpath; includeonce...

WordPress Gallery 3.8.3 Arbitrary File Read

​ Exploit Title : Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Author : IrIsT.Ir Discovered By : BeniVanda Home : http://IrIsT.Ir/forum/ Software Link : http://wordpress.org/extend/plugins/gallery-plugin/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu ...

Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability

a bug in Wordpress chenpress Plugin that allows to us to occur a File Upload on a Remote machin. Exploit Title : Wordpress chenpress Plugin Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk :...

Mu Perspectives CMS Cross Site Scripting

?? Exploit Title : Mu Perspectives Cms Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://www.muperspectives.com/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork :...

WordPress Chenpress Shell Upload

Exploit Title : Wordpress chenpress Plugin Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork :...

Ajax Data Uploader Shell Upload

0101010101----010101010101010 01 01------0101 0101 01 01------0101 0101 01 01------0101 0101 01 01------0101 0101 01 01------0101 0101 01 01------0101 0101 01 01------0101010101 01 01------0101 010 01 01------0101 010 01 01------0101 010 01 01------0101 010 01 01------0101 010 0101010101----0101...

Wordpress (editormonkey) Arbitrary File Upload Vulnerability

a bug in Wordpress editormonkeythat allows to us to occur a File Upload on a Remote machin. Exploit Title : Wordpress editormonkey Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High...

Sana Net SQL Injection

Exploit Title : Sana Net SQL Injection Author : Black Hat Group Home : greyh4t.com & black-hg.org Software Link : www.sana-net.ir Security Risk : High Version : All Version Dork : inurl:"viewgal.php?op=" p0c : viewgal.php?op=Sql example : http://hotel-alliance.com/viewgal.php?op=61'...

Results Unlimited CMS SQL Injection

Exploit Title : results-unlimited Cms Sql Injection Vulnerabilities Author : IrIsT Security Team - Security7 Security Team Discovered By : Am!r Home : http://IrIsT.Ir - http://Security7.Ir Software Link : http://www.results-unlimited.com/ Security Risk : High Version : All Version Tested on :...

BBSXP CMS SQL Injection

Exploit Title : BBSXP CMS SQL Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Software Link : http://www.bbsxp.com/download.htm Contact : [email protected] , [email protected] Security Risk : High DorK :...

PHPWPOS Change Admin User And Password ( All Version )

Exploit for php platform in category web applications author : L3b-r1'z Title : PHPWPOS Change Admin User And Password All Version Dork : allintext: "2006 © Moisés Sequeira http://www.ptwebserve.com/phpwpos" Download : http://sourceforge.net/projects/phpwpos/files/phpwpos/ Contact : email protect...

Toronto Web Design Cross Site Scripting

Exploit Title : Toronto Cross-Site Scripting Vulnerabilities Author : Zarbat & IrIsT Security Team Discovered By : Am!r Home : Zarbat.Org & IrIsT.Ir Software Link : http://www.123web.ca/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork : "Toront...

Fink Project Cross Site Scripting

Exploit Title : finkproject Cross-Site Scripting Vulnerabilitiy Author : Emperor-Team Discovered By : Am!r Home : http://Emperor-Team.Org Software Link : http://finkproject.org/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Expl0iTs :...

WebEmlak Real Estate Cross Site Scripting

Exploit Title: WebEmlak Real Estate Script Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE Cross Site Scripting can be done using the URL input Vulnerable Page: index.php Example: index.php/ Exploit:...

web@all <= 1.1 XSS Vulnerability - Active Check

web@all is prone to a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Joomla! Component CamelcityDB 2.2 - SQL Injection

Joomla! Component CamelcityDB 2.2 - SQL Injection ============================================================== Joomla Component comcamelcitydb2 SQL Injection Vulnerability ============================================================== Title : Joomla Component comcamelcitydb2 SQL Injection...