Lucene search

327 matches found

Exploit DB
added 2019/03/07 12:0 a.m. | 161 views

Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

CVSS: 8.1 | AI score: 7.4 | EPSS: 0.9441
Exploits: 22

Packet Storm
added 2018/12/07 12:0 a.m. | 319 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

CVSS: 7.5 | AI score: 0.6 | EPSS: 0.81543
Exploits: 11

0day.today
added 2018/10/02 12:0 a.m. | 28 views

WUZHICMS 2.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in t...

AI score: 0.1 | EPSS: 0.00296
Exploits: 5

exploitpack
added 2018/10/01 12:0 a.m. | 21 views

WUZHICMS 2.0 - Cross-Site Scripting

WUZHICMS 2.0 - Cross-Site Scripting Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-10-01 Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in th...

CVSS: 4.3 | EPSS: 0.00296
Exploits: 5

Packet Storm
added 2018/10/01 12:0 a.m. | 34 views

WUZHICMS 2.0 Cross Site Scripting

Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-10-01 Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in the WUZHICMS 2.0 web-application. The...

EPSS: 0.00296
Exploits: 5

Exploit DB
added 2018/10/01 12:0 a.m. | 25 views

WUZHICMS 2.0 - Cross-Site Scripting

Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-10-01 Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in the WUZHICMS 2.0 web-application. The...

CVSS: 6.1 | AI score: 6.3 | EPSS: 0.00296
Exploits: 5

Packet Storm
added 2018/09/25 12:0 a.m. | 45 views

Navigate CMS 2.8 Cross Site Scripting

Title: Navigate CMS 2.8 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-09-19 Vendor: https://www.navigatecms.com/en/home Software: Navigate CMS 2.8 CVE: CVE-2018-17255 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the...

AI score: 0.1
Exploits: 4

Kitploit
added 2018/08/09 9:54 p.m. | 31 views

Aron - A GO Script For Finding Hidden GET & POST Parameters

Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce. Installation $ git clone https://github.com/m4ll0k/Aron.git aron $ cd aron $ go get github.com/m4ll0k/printer now check if $GOPATH is set $ go env | grep -i gopath if $GOPATH not set, try with: $ export...

AI score: 7.2
Exploits: 0 | References: 1

Prion
added 2018/06/29 2:29 p.m. | 17 views

Design/Logic Flaw

An XSS issue was discovered in Sandoba CP:Shop v2016.1. The vulnerability is located in the admin.php file of the ./cpshop/ module. Remote attackers are able to inject their own script codes to the client-side requested vulnerable web-application parameters. The attack vector of the vulnerability...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00223
Exploits: 3 | References: 1

exploitpack
added 2018/06/15 12:0 a.m. | 17 views

Dimofinf CMS 3.0.0 - Cross-Site Scripting

Dimofinf CMS 3.0.0 - Cross-Site Scripting Title: Dimofinf CMS 3.0.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-06-13 Software: Dimofinf CMS Version 3.0.0 CVE: CVE-2018-12094 A Reflected Cross-Site Scripting web vulnerability has been discovered in the "Dimofinf CMS"...

CVSS: 3.5 | AI score: 0.2 | EPSS: 0.00455
Exploits: 5

exploitpack
added 2018/06/15 12:0 a.m. | 27 views

OEcms 3.1 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting Title: OEcms 3.1 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-06-15 Software: OEcms v3.1 CVE: CVE-2018-12095 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the "OEcms v3.1"...

CVSS: 3.5 | AI score: 0.1 | EPSS: 0.12697
Exploits: 5

OSV
added 2018/06/07 9:29 p.m. | 1 views

CVE-2018-0356

A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00451
Exploits: 0 | References: 3

Exploit DB
added 2018/05/24 12:0 a.m. | 50 views

ASP.NET jVideo Kit - 'query' SQL Injection

Exploit Title: ASP.NET jVideo Kit - 'query' SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: MediaSoft Pro Vendor Homepage: https://www.mediasoftpro.com/video-sharing-script/mvc/ Version: v1.0 Category: Webapps Tested on: Kali linux Description : The...

AI score: 7.4
Exploits: 0

exploitpack
added 2018/05/23 12:0 a.m. | 22 views

MySQL Smart Reports 1.0 - id SQL Injection Cross-Site Scripting

MySQL Smart Reports 1.0 - id SQL Injection Cross-Site Scripting Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage:...

Exploits: 0

Exploit DB
added 2018/05/23 12:0 a.m. | 36 views

MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting

Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...

AI score: 7.4
Exploits: 0

Packet Storm
added 2018/05/23 12:0 a.m. | 27 views

MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection

Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...

AI score: 0.3
Exploits: 0

Check Point Advisories
added 2018/05/02 12:0 a.m. | 4 views

Quest NetVault Backup NVBUEventHistory Get Method SQL Injection (CVE-2017-17412)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUEventHistory class...

CVSS: 7.5 | AI score: 2.5 | EPSS: 0.14875
Exploits: 0

Hacker One
added 2018/02/24 1:24 a.m. | 149 views

Khan Academy: [critical] sql injection by GET method

Hey there, after tampering a bit with the values, since I figured out your backend is not php most likely django or nodejs, I found an SQL injection . You can view my steps to reproduce, if you need additional screenshots, please let me know. Regards Gabriel Kimiaie Impact If I dig deeper, I may ...

AI score: 0.1
Exploits: 0

ATTACKERKB
added 2018/02/08 6:29 p.m. | 1 views

CVE-2017-17413

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupTargetSet Get method requests. The issue...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.14875
Exploits: 0 | References: 2

OSV
added 2018/02/08 6:29 p.m. | 2 views

CVE-2017-17421

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUSelectionSet Get method requests. The issue result...

CVSS: 9.8 | AI score: 6.2 | EPSS: 0.14875
Exploits: 0 | References: 1