WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection
Title: WordPress Plugin Pie Register order = escsql $order ; IV. PROOF OF CONCEPT The following URLs have all been confirmed to suffer from time-based SQL injection. GET /wordpress/wp-admin/admin.php?page=pie-invitation-codes&orderby=name&order=desc original GET...
WordPress Pie Register Plugin < 3.0.9 - Blind SQL Injection Vulnerability
Exploit for php platform in category web applications Title: WordPress Plugin Pie Register order = escsql $order ; IV. PROOF OF CONCEPT The following URLs have all been confirmed to suffer from time-based SQL injection. GET...
WordPress Pie Register Blind SQL Injection
============================================= MGC ALERT 2018-004 - Original release date: May 10, 2018 - Last revised: June 11, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score - CVE-ID: CVE-2018-10969 ============================================= I. VULNERABILITY...
Pornhub: Blind SQL injection and making any profile comments from any users to disappear using "like" function (2 in 1 issues)
Researcher found a blind SQL injection in the profile comment Like functionality, executing on the second request made for a given comment dislikes. Summary The injection was found manually, used discovery methods are basically the same as described in this awesome article by @gerbenjavado:...
CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection...
Sql injection
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection...
Sitemakin SLAC 1.0 - my_item_search SQL Injection
Sitemakin SLAC 1.0 - my_item_search SQL Injection Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Date: 29-05-2018 Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi...
Sitemakin SLAC 1.0 SQL Injection
Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Date: 29-05-2018 Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi LinuXx64 Proof of Concept:...
CVE-2018-11309
Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...
CVE-2018-11309
CVE-2018-11309 affects the WordPress MemberMouse plugin up to version 2.2.8 (and earlier). The vulnerability is a blind SQL injection in the coupon_code parameter triggered via the applyCoupon action in admin-ajax.php, allowing an unauthenticated attacker to dump the WordPress MySQL database. Con...
Membermouse < 2.2.9 - Blind SQL Injection
Note: It seems like the affected plugin is the premium version from https://membermouse.com, the free one has been closed as of v1.2.0...
PaulPrinting CMS Printing 1.0 - SQL Injection
Exploit Title: PaulPrinting CMS Printing 1.0 - SQL Injection Exploit Date: 2018-05-19 Software Link: https://codecanyon.net/item/paulprinting-cms-printing-solutions/19546365 Author: Mehmet Onder Key Version: 1.0 Tested On: Linux 1. Description Any visitor can run code to exploit css and sql...
CVE-2018-1280
Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contain a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents...
Tuleap 9.17.99.189 - Blind SQL Injection Vulnerability
Exploit for php platform in category web applications =============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found:...
Tuleap 9.17.99.189 - Blind SQL Injection
Tuleap 9.17.99.189 - Blind SQL Injection =============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found: 2018-02-24 by:...
Tuleap 9.17.99.189 - Blind SQL Injection
=============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found: 2018-02-24 by: Cristiano Maruti @cmaruti...
Tuleap 9.17.99.189 SQL Injection Vulnerability
Exploit for php platform in category web applications =============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found:...