443 matches found
Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez Martinez i0akiN...
Arab Portal 3 SQL Injection
In The Name Of ALLAH title : Arabportal 3 SQL injection vulnerability Exploit Title: Arabportal 3 registeration section SQL injection vulnerability Google Dork: inurl:members.php?action=signup Date: 2015/07/10 july 10th Exploit Author: ali ahmady -- Iranian Security Researcher snip3rirathotmail.c...
ApPHP Hotel Site 3.x.x SQL Injection Vulnerability
ApPHP Hotel Site version 3.x.x suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data. ApPHP Hotel site SQLi Vulnerability ApPHP Hotel Site is an Hotel application programs using PHP Language. title : ApPHP Hotel Site v.3.x.x. godork : ".php?pid=" "ApP...
Amazon Product In a Post Plugin - SQL Injection
amazon-product-in-a-post.php - this plugin takes raw user values and uses it delete from the database. This query can be manipulated to perform SQL injection attacks. Line 40: $tempswe = $wpdb-query"DELETE FROM $wpdb-prefixamazoncache WHERE Cacheid ='$wp-queryvars'appip-cache-id'' LIMIT 1;"; sqlm...
IP. Board <= 3.4.7 SQL Injection analysis-vulnerability warning-the black bar safety net
IPB stands for Invision Power Board is a PHP Development Forum program, foreign used more widely. In its 3. 4. 7 version and the previous presence of a SQL injection vulnerability, this article to its analysis. poc link http://seclists.org/fulldisclosure/2014/Nov/20 !/ usr/bin/env python Sunday,...
phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection Vulnerability
phpSFP Schedule Facebook Posts version 1.5.6 suffers from a remote SQL injection vulnerability. | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection 0-day Website :...
Joomla Gallery WD SQL Injection
Exploit Title: Joomla Gallery WD - SQL Injection Vulnerability Google Dork: inurl:option=comgallerywd Date: 29.03.2015 Exploit Author: CrashBandicot @DosPerl Vendor HomePage: http://web-dorado.com/ Source Component :...
Joomla FormMaker Component - SQL Injection Vulnerability
Usage Info python sqlmap.py -u "http://localhost/index.php?option=comformmaker&view=formmaker&id=-5653&Itemid=45" --dbs Exploit Title: Joomla FormMaker Component - SQL Injection Vulnerability Google Dork: Y0ur Brain Date: 28.03.2015 Exploit Author: CrashBandicot @DosPerl Vendor HomePage:...
Joomla! Component ECommerce-WD 1.2.5 - SQL Injection
Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple unauthenticated SQL injections available via the advanced search functionality. http://extensions.joomla.org/extension/ecommerce-wd The vulnerable parameters are searchcategoryid, sortorder, and filtermanufacturerids within the...
PHPAPP注入第十一枚(无视过滤)
简要描述: PHPAPP注入第十一枚(无视过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com/index.php?action=10&app=49, 存在漏洞的文件在/phpapp/apps/taskmode/mainphpapp.php 下面分析一下漏洞产生的原因 第一处绕过:...
PHPAPP注入第八枚(无视过滤)
简要描述: PHPAPP注入第八枚(无视过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com/index.php?action=5&app=5, 存在漏洞的文件在/phpapp/apps/apppay/mainphpapp.php 来看看漏洞是如何产生的/phpapp/apps/apppay/mainphpapp.php function...
PHPAPP注入第六枚(无视过滤)
简要描述: PHPAPP注入第六枚(无视过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com/member.php?action=3&app=70&type=12 , 存在漏洞的文件在/phpapp/apps/map/memberphpapp.php 来看看漏洞是如何产生的/phpapp/apps/map/memberphpapp.php...
PHPAPP注入第七枚(无视过滤)
简要描述: PHPAPP注入第七枚(无视过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com/index.php?app=80&action=12, 存在漏洞的文件在/phpapp/apps/taskcount/mainphpapp.php 来看看漏洞是如何产生的/phpapp/apps/taskcount/mainphpapp.php...
PHPAPP注入第五枚(无视过滤)
简要描述: PHPAPP注入第五枚(无视过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com /member.php?app=82&action=1 , 存在漏洞的文件在/phpapp/apps/sellerservice/memberphpapp.php...
PHPAPP注入第十枚(未过滤)
简要描述: PHPAPP注入第十枚(未过滤) 详细说明: 在wooyun上看到了有人提了PHPAPP的漏洞: http://wooyun.org/bugs/wooyun-2010-055604,然后去官网看了看,前几天刚有更新,就在官网下了PHPAPP最新的v2.6来看看2014-12-11更新的。 PSOT注入点:wwww.xxx.com/member.php?app=48&op=4&action=1, 存在漏洞的文件在/phpapp/apps/order/memberphpapp.php 随意注册个账号即可测试...
齐博地方门户系统sql注入
简要描述: 变量未初始化导致注入 详细说明: 齐博地方门户系统 齐博的全局过滤系统中由于存在如下代码,导致传入的参数可以成为全局变量 foreach$COOKIE AS $key=$value unset$$key; foreach$POST AS $key=$value !ereg"^\A-Z+",$key && $$key=$POST$key; foreach$GET AS $key=$value !ereg"^\A-Z+",$key && $$key=$GET$key; 所以系统中如果存在未初始化的变量,容易导致注入 2shou/post.php中 180行...
BiWEB最新商城版注入又一枚
简要描述: BiWEB最新商城版注入又一枚 详细说明: 在wooyun上看到了有人提了BiWEB的一个XSS漏洞:http://wooyun.org/bugs/wooyun-2010-049745,也有人提了SQL注入,我来找找其他的漏洞吧。去官网下BiWEB商城版最新的5.8.4来看看。...
Microsoft SQL Server SQLi SUSER_SNAME Windows Domain Account Enumeration
This module can be used to bruteforce RIDs associated with the domain of the SQL Server using the SUSERSNAME function via Error Based SQL injection. This is similar to the smblookupsid module, but executed through SQL Server queries as any user with the PUBLIC role everyone. Information that can ...
BiWEB最新门户版绕过过滤注入漏洞小礼包
简要描述: BiWEB最新门户版绕过过滤注入漏洞小礼包,绕过全局过滤,造成多处可以注入 详细说明: 在wooyun上看到了有人把biweb的shell拿到了: WooYun: BIWEB门户版Getwebshell漏洞 ,也有人提了其他漏洞,我也来找找它的漏洞吧。去官网下BiWEB门户版最新的5.8.3来看看。 BiWEB对用户输入进行了全局过滤,但是这种过滤方法比较NC,这个漏洞就是来绕过全局过滤的。先来看看这个全局过滤方法吧/config/filtrate.inc.php...
BiWEB最新门户版注入又一枚
简要描述: BiWEB最新门户版注入又一枚,全局过滤的一个遗漏点 详细说明: 在wooyun上看到了有人把biweb的shell拿到了: WooYun: BIWEB门户版Getwebshell漏洞 ,也有人提了其他漏洞,我也来找找它的漏洞吧。去官网下BiWEB门户版最新的5.8.3来看看。...