Seowon SLR-120 Router - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All version Tested on:...

Seowon SLR-120 Router Remote Code Execution

Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Date: 2022-03-11 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All versi...

Vanilla Forums 2.x Open Redirection

Exploit Title : VanillaForums 2.x Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 11/03/2019 Vendor Homepage : open.vanillaforums.com Software Information Link : vanillaforums.com/en/software/ open.vanillaforums.com/addon/vanilla-core Software...

Joomla PhocaMaps 3.0.5 Database Disclosure / SQL Injection

Exploit Title : Joomla PhocaMaps 3.0.5 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : phoca.cz/phocamaps Software Download Link : phoca.cz/download/category/38-phoca-maps-plugin Software Informati...

Typo3 CMS pw_highslide_gallery 0.3.1 Database Disclosure

Exploit Title : Typo3 CMS pwhighslidegallery Extension 0.3.1 Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/01/2019 Vendor Homepage : typo3.org Software Download Link : extensions.typo3.org/extension/download/pwhighslidegallery/0.3.1/zip/...

Quick Sales Network QuickXiao 1.0 SQL Injection

Exploit Title : Quick Sales Network QuickXiao 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : Quickxiao.Com Tested On : Windows Exploit Risk : Medium Category : WebApps Version Information : 1.0 CWE : CWE-89 Improper Neutralization of Special Elements...

SmartWorks Systems Pakistan 1.0 SQL Injection

Exploit Title : SmartWorks Systems Pakistan 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : smartworks.pk Tested On : Windows Exploit Risk : Medium Category : WebApps Version Information : Nginx 1.14.1 - jQuery 1.11.1 - jQuery UI 1.10.4 CWE : CWE-89...

ITAdvisorsNepal 9Qube Testimonials 1.0 Database Disclosure

Exploit Title : ITAdvisorsNepal 9Qube Testimonials Modules 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 17/12/2018 Vendor Homepage : itadvisorsnepal.com 9qube.com Software Download Link : N/A Tested On : Windows and Linux Category...

WordPress Real-Estate-Listing-Realtyna-Wpl 4.3.2 Database Disclosure

Exploit Title : WordPress Real-Estate-Listing-Realtyna-Wpl Plugins 4.3.2 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : realtyna.com wordpress.org/plugins/real-estate-listing-realtyna-wpl/ Software Download...

WordPress Events Made Easy 2.0.68 Database Disclosure

Exploit Title : WordPress Events Made Easy Plugins 2.0.68 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/events-made-easy/ Software Download Link :...

WordPress wp-contactpage-designer 1.0 Database Disclosure

Exploit Title : WordPress wp-contactpage-designer Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 03/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Versio...

WordPress sermon-shortcodes 1.0 Arbitrary File Download

Exploit Title : WordPress sermon-shortcodes 1.0 Plugins Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 27/11/2018 Vendor Homepage : wordpress.org sermonmanager.pro...

WordPress Events Calendar Premium 1.0 Database Disclosure

Exploit Title : WordPress events-calendar-premium Plugins 1.0 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/11/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Version...

WordPress Universal Post Manager 1.5.0 Database Disclosure

Exploit Title : WordPress universal-post-manager 1.5.0 Plugins Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/11/2018 Vendor Homepage : wordpress.org/support/plugin/universal-post-manager/...

CVE-2018-1269: Loggregator does not properly close some TCP connections | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using loggregator-release Version 89.x prior to 89.5 Version 96.x prior to 96.1 Version 99.x prior to 99.1 Version 101.x prior to 101.9 Version 102.x prior to 102.2 Description Cloud Foundry...

CVE-2018-1268: Loggregator lacks app GUID validation | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using loggregator-release Version 89.x prior to 89.5 Version 96.x prior to 96.1 Version 99.x prior to 99.1 Version 101.x prior to 101.9 Version 102.x prior to 102.2 Description Cloud Foundry...

Monstra CMS 3.0.4 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications | | Exploit Title: Monstra cms Cross Site ScriptingXSS | Exploit Author: Ashiyane Digital security Team | Vendor Homepage : http://monstra.org/ | Software Link: https://bitbucket.org/Awilum/monstra/downloads/monstra-3.0.4.zip | Version: 3.0.4 ...

web2Project 3.3 Cross Site Scripting

| | Exploit Title: web2Project cms Cross Site ScriptingXSS | Exploit Author: Ashiyane Digital security Team | Vendor Homepage : https://web2project.net/ | Software Link: https://github.com/web2project/web2project/archive/version3.3.tar.gz | Version: 3.3 | Date: 2017-11-06 | Category: Webapps |...

Quick CMS 6.4 SQL Injection / Authentication Bypass

| | Exploit Title: Quick.Cmsv6.4 Autentication Bypass Vulnerability | Exploit Author: Ashiyane Digital security Team M.R.S.L.Y | Vendor Homepage: http://opensolution.org | Software Link: http://opensolution.org/download/home.html?sFile=Quick.Cmsv6.4-en.zip | Version: Quick.Cmsv6.4 | Date:...

CVE-2017-8048: Cloud Controller API regression | Cloud Foundry

Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions capi-release versions 1.33.0 and later, prior to 1.42.0 cf-release versions 268 and later, prior to 274 Please note: due to a bug in 274, it is not recommended for production use. Deployments should use...