4 matches found
WordPress Plugin Easy Webinar - Blind SQL Injection
Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Vendor Homepage: www.easywebinarplugin.com Date: 10/26/2012 Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: wid= Google Dork: allinurl: get-widget.php?wid=...
Joomla Jesubmit Shell Upload
Exploit Title: Joomla Component comjesubmit Arbitrary File Upload Date: 1/24/2012 Author: Robert Cooper Robert.Cooper at areyousecure.net Tested on: Linux/Windows 7 Exploit: Visit the website Navigate to index.php?option=comjesubmit&view=jesubmit&Itemid=id&lang=en or...
Advanced Image Hosting Script - SQL Injection
Advanced Image Hosting Script - SQL Injection Exploit Title: AIHS Advanced Image Hosting Script SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://yabsoft.com/ Tested on: Linux/Windows 7 Vulnerable File: viewcomments.php Vulnerable parameter:...
TheWebASP SQL Injection
Exploit Title: TheWebASP - Multiple SQL Injection vulnerabilities Date: 8/17/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: http://www.thewebasp.com Tested on: Linux/Windows 7 Vulnerable Parameters: goodsdetail.php?cid= goodsdetail.php?gid= menulist.php?cid= PoC:...