19 matches found
CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...
CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...
CVE-2018-25164 EverSync 0.5 Arbitrary File Download via files Directory
EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...
EUVD-2009-0502
Malware in sbrugna...
EUVD-2008-5567
Malware in sbrugna...
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Tina4 Stack 1.0.3 SQL Injection
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...
Easyndexer 1.0 Cross Site Request Forgery
Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category:...
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link:...
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category:...
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category:...
SaltOS Erp Crm 3.1 r8126 Database Download
Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...
EasyIO Multiple Vulnerabilities (Dec 2016)
EasyIO FG-series devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:easyio:easyio";...
ESPCMS has a database file download vulnerability
ESSENCE ESPCMS website management system based on LAMP development and construction of the website management system. ESPCMS has a database file download vulnerability. Due to logging into the background and clicking upgrade, the system will automatically backup the database data, the backup file...
CVE-2009-1821
DMXReady Registration Manager 1.1 is affected. The root cause is insufficient access control that allows remote attackers to access the web root and download the databases/webblogmanager.mdb file, exposing sensitive data. The impact is partial confidentiality loss due to direct access to the data...
CVE-2009-0328
ROBS-PROJECTS Digital Sales IPN aka DS-IPN.NET or DS-IPN Paypal Shop stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for Database/Sales.mdb...
Improper access control
Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for database/downloads.mdb...