210 matches found
Bootstrapy CMS SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Bootstrapy CMS - Multiple SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://bootstrapy.com Demo Site: http://bootstrapy.net/demo/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
Bootstrapy CMS - Multiple SQL Injection
Bootstrapy CMS - Multiple SQL Injection Exploit Title: Bootstrapy CMS - Multiple SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://bootstrapy.com Demo Site: http://bootstrapy.net/demo/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
CSZ CMS 1.2.1 Arbitrary File Upload
i?=========================================================================================== Exploit Title: CSZ CMS 1.2.1 - Arbitrary File Upload Dork: N/A Date: 15-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.cszcms.com/ Software Link:...
WordPress Audio Record 1.0 Plugin - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Software Link: https://wordpress.org/plugins/audio-record/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.0 Category: webapps Unrestricted file upload in reco...
WordPress Plugin Quizlord 2.0 - Cross-Site Scripting
WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Exploit Title: WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Date: 2018-08-29 Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/quizlord.zip Version: 2.0 Tested on: Kali Linux CVE: N/A Description :...
CMS ISWEB 3.5.3 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file...
poapo.fr XSS vulnerability
Open Bug Bounty ID: OBB-653579 Description| Value ---|--- Affected Website:| poapo.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
XATABoost 1.0.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: XATABoost CMS Sql Injection Google Dork: inurl:php?id= Powered by XATABOOST Exploit Author: MgThuraMoeMyint Vendor Homepage: http://www2.xataboost.com Version: 1.0.0 Tested on: Kali Linux SQL Injection Type: Union Based Example...
Groupon Clone Script 3.0.2 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Slickdeals/DealNews/Groupon Clone Script 3.0.2 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/groupon-clone-script/ Category: Web Application...
PHP B2B Script 3.05 - SQL Injection
Exploit Title: PHP B2B Script v3.05 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/php-b2b-script/ Demo: http://readymadeb2bscript.com/product/basic/ Version: 3.05 Tested on: Win7 x64, Kali Linux x...
WordPress Contact Form Manager CSRF / XSS
------------------------------------------------------------------------ Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin ------------------------------------------------------------------------ Edwin Molenaar, July 2016...
Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions Vulnerability
Exploit for php platform in category web applications Vulnerability: Security Bypass Date: 13.01.2017 Vendor Homepage: http://www.inoutscripts.com/ Script Name: Inout Search Engine Ultimate Edition Script Script Version: v7.0, v8.0 Script Buy Now:...
Web Based Alumni Tracking System 0.1 - SQL Injection
Web Based Alumni Tracking System 0.1 - SQL Injection Exploit Title.............. Web Based Alumni Tracking System Multiple Vulnerability Google Dork................ N/A Date....................... 14/10/2016 Exploit Author............. lahilote Vendor Homepage...
Avast Antivirus X.509 Error Rendering Command Execution Exploit
Exploit for windows platform in category remote exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means...
Airties RT210 Cross Site Scripting
Airties RT210 Web Interface Stored XSS Vulnerability My + Discovered by: B3mB4m Contact : [email protected] + Greetz : SYS & & KnocKout & Septemb0x Software info |Hardware/Web App : Airties |Affected Version : AirRT210 |Official Web: http://www.airties.com |RISK : Hight...
WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download
|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | + Exploit Title:Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability | | + Exploit Author: Ashiyane Digital Security Team | | + Vendor Homepage :...
WordPress Aspose Cloud eBook Generator File Download
|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | + Exploit Title:Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download Vulnerability | | + Exploit Author: Ashiyane Digital Security Team | | + Vendor...
openEMR 4.2.0 Cross Site Scripting / SQL Injection
Advisory: Multiple reflecting/stored XSS- and SQLi-vulnerabilities in openEMR v.4.2.0 Advisory ID: SROEADV-2015-08 Author: Steffen Rösemann Affected Software: openEMR v.4.2.0 Release-date: 28th Dec 2014 Vendor URL: http://www.open-emr.org Vendor Status: patched CVE-ID: to be assigned after releas...
CMS b2evolution 5.2.0 Cross Site Scripting
Advisory: Reflecting XSS vulnerability in CMS filemanager of b2evolution v. 5.2.0 Advisory ID: SROEADV-2014-09 Author: Steffen Rösemann Affected Software: CMS b2evolution v. 5.2.0 Release-Date: 6th-Dec-2014 Vendor URL: http://b2evolution.net/ Vendor Status: did not respond to issue CVE-ID: -...
Absolut Engine 1.73 - Multiple Vulnerabilities
CMS Absolute Engine version 1.73 suffers from cross site scripting and remote SQL injection vulnerabilities. Advisory: Multiple SQL Injections and Reflecting XSS in Absolut Engine v.1.73 CMS Author: Steffen Rösemann Affected Software: CMS Absolut Engine v. 1.73 Vendor URL:...