osCommerce 2.3.4.1 - products_id SQL Injection

osCommerce 2.3.4.1 - productsid SQL Injection Exploit Title: osCommerce 2.3.4.1 - 'productsid' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category:...

osCommerce 2.3.4.1 SQL Injection

Exploit Title: osCommerce 2.3.4.1 - 'currency' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A Software...

osCommerce 2.3.4.1 - reviews_id SQL Injection

osCommerce 2.3.4.1 - reviewsid SQL Injection Exploit Title: osCommerce 2.3.4.1 - 'reviewsid' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category:...

osCommerce 2.3.4.1 - 'currency' SQL Injection

Exploit Title: osCommerce 2.3.4.1 - 'currency' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A Software...

Podcast Generator 2.7 Cross Site Scripting

Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7 Information -------------------- Advisory by Netsparker Name: Stored Cross-site scripting in Podcast Generator 2.7 Affected Software: Podcast Generator Affected Versions: 2.7 Homepage: http://www.podcastgenerator.net/ Vulnerabilit...

Zurmo 2.3.4 Cross Site Scripting

Code Evolution PHP Vulnerability in Zurmo 2.3.4 Information -------------------- Advisory by Netsparker Name: Code Evolution PHP in Zurmo 2.3.4 Affected Software: Zurmo Affected Versions: 2.3.4 Homepage: http://zurmo.org/ Vulnerability: Code evolution PHP Severity: Critical Status: Not Fixed CVSS...

Bolt CMS < 3.6.2 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Bolt CMS https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting/raw/master/bolt-v3.6.2.zip Affected Version: alert"Raif" Description Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the...

Seopanel 3.13.0 Cross Site Scripting

Multiple Reflected Cross-site Scripting Vulnerabilities in Seopanel 3.13.0 Information -------------------- Advisory by Netsparker Name: Reflected Cross-site Scripting Vulnerabilities in Seopanel Affected Software: Seopanel Affected Versions: 3.13.0 Homepage: https://www.seopanel.in Vulnerability...

Internet Bug Bounty: DoS for HTTP/2 connections by crafted requests (CVE-2018-1333)

modhttp2 can be tricked by specially crafted requests to hold server resources longer than necessary. A simple demonstration of this for a server with h2c enabled is as follows: for x in seq 0 500; do echo...

Dolibarr ERP CRM 7.0.3 Code Injection

Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested on: Unix, Windows Technical Details...

TestLink 1.9.13 Cross Site Scripting / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Information -------------------- Advisory by Netsparker. Name: SQL Injection Vulnerability in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type ...

Google Analyticator Multiple XSS Vulnerabilities

Proof of Concept URLs for XSS in Google Analyticator 6.4.9.4: Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator Parameter Name gaadsense Parameter Type POST Attack Pattern x'" onmouseover=alert9 Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticato...

Joomla Health & Fitness Stats Persistent XSS Vulnerability

No description provided by source. Name : Joomla Health & Fitness Stats Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://joomla-extensions.instantiate.co.uk/jcomponents/healthstats Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...

DMXReady Members Area Manager Persistent XSS Vulnerability

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: DMXReady Members Area Manager Persistent XSS Vendor url:http://www.dmxready.com/ Version:2 Price:295$ Published: 2010-09-06 GThanx to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic...

Joomla SocialAds Component com_socialads Persistent XSS Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla comsocialads Persistent Xss Vulnerability Date : july 3,2010 Critical Level : HIGH vendor URL :http://techjoomla.com/...

Joomla Rapid Recipe Persistent XSS Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla Rapid Recipe Persistent XSS Vulnerability Date : july, 11 2010 Critical Level : HIGH Vendor Url :...

pixelpost 1.7.3 - Multiple Vulnerabilities

No description provided by source. 1 +Exploit Title: pixelpostv1.7.3 Multiple vulnerabilities 0 0 +Date: 15/09/2010 1 1 +Author: Sweet 0 0 +Contact : [email protected] 0 1 +Software Link: http://www.pixelpost.org/ 0 0 +Download: http://www.pixelpost.org/ 1 1 +Version: 1.7.3 0 0 +Tested on: WinX...

Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed version: 4.2.5 impact: critical homepage:...

Omnistar Mailer SQL Injection / Cross Site Scripting

1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Omnistar Mailer SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.omnistarmailer.com/ Author : Sid3^effects aKa HaRi special...

Code Widget Pop-Over Login Form (ASP) Authentication Bypass

Exploit for asp platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...