Modoboa Cross-Site Scripting Vulnerability

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.2.2, which originated at https://demo.modoboa.org/user/profile/中存在跨站脚本漏洞...

Stored Cross Site Scripting (XSS) via "properties" during creating new users

Description From demo url login click people icon at the left bar click "Customers" Click "New Customer" button from page Fill up the "Edit" tab Click "Save" button above Click "Properties" tab From "Add a custom Property" field , add "Test" on the first field Click and select "text" on the secon...

tiendapablus.com XSS vulnerability

Open Bug Bounty ID: OBB-674490 Description| Value ---|--- Affected Website:| tiendapablus.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

mooSocial Store 2.6 SQL Injection

Exploit Title: mooSocial Store Plugin 2.6 - SQL Injection Exploit Author: Andrea Bocchetti Date: 2018-08-28 Google Dork: N/A - Vendor: https://moosocial.com/product/store-plugins/ Software Link: https://moosocial.com/product/store-plugins/ Demo URL: http://addons.moosocial.com/stores Purchase lin...

Brother HL-L2340D / HL-L2380DW Cross Site Scripting

Exploit Title: XSS at Brother HL-L2340D & HL-L2380DW series Date: 30.05.2018 Exploit Author: Huy Kha Vendor Homepage: http://support.brother.com Software Link: Website Version: HL-L2340D & HL-L2380DW series Tested on: Mozilla FireFox Reflected XSS Payload : "--!" Description : Starting searching...

WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting

Class Input Validation Error Remote Yes Reflected Yes Credit Ricardo Sanchez Vulnerable PopCash.Net Publisher Code Integration plugin 1.0 PopCash.Net Publisher Code Integration plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An...

Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection

Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection Exploit Title: Joomla! Component LMS King Professional v3.2.4.0 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://king-products.net/ Software:...

Airbnb Crashpadder Clone Script - SQL Injection

Exploit Title: Airbnb Crashpadder Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/airbnb-premium-clone-script/ Demo: http://airbnb.clonedemo.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihs...

CLUB-8 EMS - SQL Injection

Exploit Title: CLUB-8 EMS - Event Management System - SQL Injection Google Dork: N/A Date: 10.02.2017 Vendor Homepage: http://rexbd.net/ Software Buy: https://codecanyon.net/item/club8-ems-event-management-system-a-to-z/14067759 Demo: http://ems.rexbd.net/ Version: N/A Tested on: Win7 x64, Kali...

Funny Image And Video Script 2.0.0 SQL Injection

Exploit Title: Flippy ChillOut a Funny Image and Video Script v2.0.0 - SQL Injection Google Dork: N/A Date: 06.02.2017 Vendor Homepage: https://www.flippyscripts.com/ Software Buy: https://www.flippyscripts.com/flippy-chillout-funny-image-and-video-script/ Demo: http://chillout.flippydemos.com/...

Joomla Event Booking 2.10.1 SQL Injection

Exploit Title : Joomla Event Booking Component - SQL Injection Exploit Author : Persian Hack Team Homepage : http://persian-team.ir Vendor Homepage : http://extensions.joomla.org/extension/event-booking Category Webapps Tested on Win Version : 2.10.1 Date 2016/09/25 PoC = Sql Injection : Date...

AN IT CMS - SQL Injection Vulnerability

========================================================== + Title :- WAN IT CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.wanitltd.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google...

Joomla ContusHDVideoShare com_contushdvideoshare - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla component comcontushdvideoshare - Arbitrary File Download Vulnerability Google Dork: "comcontushdvideoshare" Date: 25/01/2015 Exploit Author: X-Line Empire North - Tetouan Vendor Homepage: Dork : www.hdflvplayer.net...

Bs Realtor_Web Script SQL Injection Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Bs RealtorWeb Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL :http://www.brotherscripts.com/...

PenPals Authentication Bypass

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: PenPals Authentication Bypass Vendor url:http://www.anblik.com Version:1.0 Price:1200$ Published: 2010-06-17 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW...

ClickGallery Server SQL Injection Vulnerability

No description provided by source. ============================================================== ClickGallery Server--SQl iNjection Vulnerabilty ============================================================== Name : ClickGallery Server--SQl iNjection Vulnerabilty Date : july 9,2010 Critical Level...

Inout Ad server Ultimate Shell Upload Vulnerabilty

No description provided by source. ============================================================== Inout Ad server Ultimate -- Shell upload Vulnerabilty ============================================================== Name : Inout Ad server Ultimate Shell upload Vulnerabilty Date : july 9,2010...

KMSoft GB SQL Injection Vulnerabilty

No description provided by source. ============================================================== KMSoft GB --SQl iNjection Vulnerabilty ============================================================== Name : KMSoft GB --SQl iNjection Vulnerabilty Date : july 9,2010 Critical Level :VERY HIGH vendor...

IXXO Cart for Joomla SQLi Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : IXXO Cart for Joomla SQLi Vulnerability Date : july 9,2010 Critical Level : HIGH vendor URL :http://www.php-shop-system.com/...

SimpleAssets Authentication Bypass & XSS Vulnerability

No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:SimpleAssets Authentication Bypass & XSS Vulnerability Vendor...