Rebus:list (list.php, list_id param) - SQL Injection Vulnerability

No description provided by source. Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid= Google...

LiteRadius <= 3.2 - Multiple Blind SQL Injection Vulnerabilities

No description provided by source. Exploit Title: LiteRadius = 3.2 - Multiple Blind SQL Injection vulnerabilities Google Dork: allinurl: locator.php?long= Date: 7/12/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: http://www.escaperadius.com/er/products/literadius/lr.php Test...

Webcat Multiple Blind SQL Injection Vulnerabilities

No description provided by source. Exploit Title: Webcat - Two Blind SQL Injection Vulnerabilities Google Dork: allinurl: scwebcat/ecat/cmsview.php Date: 6/23/2011 Author: w0rd w0rdatNULL0x00.com Software Link: http://webcat.sourceforge.net/ Tested on: Linux/Windows 7 Vulnerable Parameters: webid...

YABSoft Advanced Image Hosting Script SQL Injection Vulnerability

No description provided by source. Exploit Title: AIHS Advanced Image Hosting Script SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://yabsoft.com/ Tested on: Linux/Windows 7 Vulnerable File: viewcomments.php Vulnerable parameter:...

Rebus:list - list.php?list_id SQL Injection

Rebus:list - list.php?listid SQL Injection Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid=...

Rebus:list SQL Injection

Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid= Google Dork: intext: Powered by rebus:list...

WordPress Plugin Easy Webinar - Blind SQL Injection

WordPress Plugin Easy Webinar - Blind SQL Injection Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Vendor Homepage: www.easywebinarplugin.com Date: 10/26/2012 Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters:...

WordPress Easy Webinar Blind SQL Injection

Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Vendor Homepage: www.easywebinarplugin.com Date: 10/26/2012 Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: wid= Google Dork: allinurl: get-widget.php?wid=...

Simple Posting System 1.0 Final Local File Inclusion

Exploit Title: Simple Posting System Multiple Google Dork: inurl:sps.php?old= or inurl:sps.php " Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://realize.be/files/sps.tar.gz Version: 1.0 Final Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

Max's Guestbook 1.0 Local File Inclusion / Path Disclosure

Exploit Title: Maxs Guestbook Google Dork: "Powered by PHP F1" Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://www.phpf1.com/download.html?dl=18 Version: 1.0 Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

Joomla Jesubmit Shell Upload

Exploit Title: Joomla Component comjesubmit Arbitrary File Upload Date: 1/24/2012 Author: Robert Cooper Robert.Cooper at areyousecure.net Tested on: Linux/Windows 7 Exploit: Visit the website Navigate to index.php?option=comjesubmit&view=jesubmit&Itemid=id&lang=en or...

Ultimate Locator SQL Injection

Exploit Title: Ultimate Locator SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://www.ultimatelocator.com/ Dork: "Powered by Ultimate Locator" Tested on: Linux/Windows 7 Vulnerable File: resultslist.php Vulnerable parameter: radius= PoC:...

Advanced Image Hosting Script - SQL Injection

Exploit Title: AIHS Advanced Image Hosting Script SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://yabsoft.com/ Tested on: Linux/Windows 7 Vulnerable File: viewcomments.php Vulnerable parameter: viewcomments.php?gal=gallery id PoC:...

Advanced Image Hosting Script - SQL Injection

Advanced Image Hosting Script - SQL Injection Exploit Title: AIHS Advanced Image Hosting Script SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://yabsoft.com/ Tested on: Linux/Windows 7 Vulnerable File: viewcomments.php Vulnerable parameter:...

jbShop SQL Injection

Exploit Title: jbShop - e107 v7 CMS plugin - SQL Injection vulnerability Author: Robert Cooper adminatwebsiteauditing.org Software Link: http://sourceforge.net/projects/jbshop/ Tested on: Linux/Windows 7 Vulnerable Parameter: itemid= PoC:...

TheWebASP SQL Injection

Exploit Title: TheWebASP - Multiple SQL Injection vulnerabilities Date: 8/17/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: http://www.thewebasp.com Tested on: Linux/Windows 7 Vulnerable Parameters: goodsdetail.php?cid= goodsdetail.php?gid= menulist.php?cid= PoC:...

Joomla Newssearch SQL Injection

Exploit Title: Joomla Component comnewssearch SQL Injection Vulnerability Google Dork: allinurl: index.php?comnewssearch Date: 7/15/2011 Author: Robert Cooper adminatwebsiteauditing.org Tested on: Linux/Windows 7 Vulnerable Parameters: id= Exploit:...

LiteRadius 3.2 Blind SQL Injection

Exploit Title: LiteRadius 80 www.websiteauditing.org www.areyousecure.net Shouts to the Belegit crew...

LiteRadius 3.2 - Multiple Blind SQL Injections

LiteRadius 3.2 - Multiple Blind SQL Injections Exploit Title: LiteRadius 80 www.websiteauditing.org www.areyousecure.net Shouts to the Belegit crew...

phpDealerLocator - Multiple SQL Injections

phpDealerLocator - Multiple SQL Injections Exploit Title: phpDealerLocator - Multiple SQL Injection vulnerabilities Date: 7/3/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: phpdealerlocator.yourphppro.com Tested on: Linux/Windows 7 Vulnerable Parameters: record.php?DealerID=...