446 matches found
Twitter-Clone 1 - 'code' SQL Injection
Exploit Title: Twitter-Clone 1 - 'code' SQL Injection Date: 2018-08-22 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 vulnerable files : mailactivation.php , stalkers.php , search.php vulnerable parameters : name , code , id...
Twitter-Clone 1 SQL Injection
Exploit Title: Twitter-Clone 1 - 'code' SQL Injection Date: 2018-08-22 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 vulnerable files : mailactivation.php , stalkers.php , search.php vulnerable parameters : name , code , id...
Smart SMS & Email Manager 3.3 - contact_type_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Smart SMS & Email Manager v3.3 - SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/smart-sms-email-manager-ssem/14817919 Version: 3.3 Tested on: Kali linux...
NewMark CMS 2.1 SQL Injection
Exploit Title: NewMark CMS 2.1 - SQL Injection secid Google Dork: /catalog/?sectid= Date: 2018-06-20 Exploit Author: Berk Dusunur Vendor Homepage: https://nmark.ru/ Software Link: https://nmark.ru/razrabotka/korporativniy-sayt/ Version: v2.1 Tested on: Pardus CVE : N/A Prof Of Consept sec id...
NewMark CMS 2.1 - sec_id SQL Injection
NewMark CMS 2.1 - secid SQL Injection Exploit Title: NewMark CMS 2.1 - SQL Injection secid Google Dork: /catalog/?sectid= Date: 2018-06-20 Exploit Author: Berk Dusunur Vendor Homepage: https://nmark.ru/ Software Link: https://nmark.ru/razrabotka/korporativniy-sayt/ Version: v2.1 Tested on: Pardus...
NewMark CMS 2.1 - sec_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: NewMark CMS 2.1 - SQL Injection secid Google Dork: /catalog/?sectid= Exploit Author: Berk Dusunur Vendor Homepage: https://nmark.ru/ Software Link: https://nmark.ru/razrabotka/korporativniy-sayt/ Version: v2.1 Tested on: Pardus...
NewMark CMS 2.1 - 'sec_id' SQL Injection
Exploit Title: NewMark CMS 2.1 - SQL Injection secid Google Dork: /catalog/?sectid= Date: 2018-06-20 Exploit Author: Berk Dusunur Vendor Homepage: https://nmark.ru/ Software Link: https://nmark.ru/razrabotka/korporativniy-sayt/ Version: v2.1 Tested on: Pardus CVE : N/A Prof Of Consept sec id...
Joomla! Component EkRishta 2.10 - username SQL Injection
Joomla! Component EkRishta 2.10 - username SQL Injection Exploit Title: Joomla! Component EkRishta 2.10 - 'username' SQL Injection Date: 2018-06-11 Exploit Author: L0RD Software Link: https://extensions.joomla.org/extension/ek-rishta/ Vendor Homepage: https://www.joomlaextensions.co.in/ Version:...
Joomla EkRishta 2.10 SQL Injection
Exploit Title: Joomla! Component EkRishta 2.10 - 'username' SQL Injection Date: 2018-06-11 Exploit Author: L0RD Software Link: https://extensions.joomla.org/extension/ek-rishta/ Vendor Homepage: https://www.joomlaextensions.co.in/ Version: 2.10 Tested on: Win 10 POC : SQLi : Parameter : username...
Joomla EkRishta 2.10 Component - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component EkRishta 2.10 - 'username' SQL Injection Exploit Author: L0RD Software Link: https://extensions.joomla.org/extension/ek-rishta/ Vendor Homepage: https://www.joomlaextensions.co.in/ Version: 2.10 Tested on: Win ...
CVE-2018-11140
The 'reportID' parameter received by the '/common/runreport.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection in particular, an error-based type...
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
Exploit Title: MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 - seventh update Category...
NewsBee CMS 1.4 - download.php SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: NewsBee CMS 1.4 - 'download.php' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Version: 1.4 / fourth updat...
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...
MySQL Blob Uploader 1.7 - home-filet-edit.php SQL Injection
MySQL Blob Uploader 1.7 - home-filet-edit.php SQL Injection Exploit Title: MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage:...
Auto Car 1.2 - car_title SQL Injection / Cross-Site Scripting Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2 Tested on: Win 10 POC...
MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection
Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...
Auto Car 1.2 Cross Site Scripting / SQL Injection
Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2 Tested on: Win 10 POC 1: SQLi: Parameter: cartitle Type:...
Auto Car 1.2 - car_title SQL Injection Cross-Site Scripting
Auto Car 1.2 - cartitle SQL Injection Cross-Site Scripting Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2...
NewsBee CMS 1.4 - 'download.php' SQL Injection
Exploit Title: NewsBee CMS 1.4 - 'download.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Version: 1.4 / fourth update Category: Webapps Tested...