CVE-2018-0606

SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available

Summary There are multiple security vulnerabilities in various components used by IBM Security Identity Manager Virtual Appliance Vulnerability Details CVEID: CVE-2016-0327 DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow a local user to injection commands that would be...

Naukri Clone Script 3.0.3 - 'indus' SQL Injection

Exploit Title: Naukri Clone Script 3.0.3 - 'indus' SQL Injection Dork: N/A Date: 2018-02-08 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/naukri-clone-script/ Version: 3.0.3 Category: Webapps CVE: N/A Description: Th...

Hot Scripts Clone 3.1 - subctid mctid SQL Injection

Hot Scripts Clone 3.1 - subctid mctid SQL Injection Exploit Title: Hot Scripts Clone 3.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/hot-scripts-clone-script-classified/ Version: 3.1 Category:...

Restaurant Website Script 1.0 SQL Injection

Exploit Title: Restaurant Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/small-business/restaurant-website-script Demo: http://restaurant.scriptzee.com/ Version: 1.0 Category: Webapps Tested on:...

Law Firm 1.0 - SQL Injection

Law Firm 1.0 - SQL Injection Exploit Title: Law Firm Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/small-business/law-firm-website Demo: http://lawwebsite.scriptzee.com/ Version: 1.0 Category: Webapps Teste...

iGreeting Cards 1.0 - SQL Injection

Exploit Title: iGreeting Cards 1.0 - SQL Injection Dork: N/A Date: 04.09.2017 Vendor Homepage: http://coryapp.com/ Software Link: http://coryapp.com/?product&index Demo: http://coryapp.com/demo/greetingcards/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author:...

Joomla! Component OSDownloads 1.7.4 - SQL Injection

Exploit Title: Joomla! Component OSDownloads 1.7.4 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://joomlashack.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/downloads/osdownloads/ Demo:...

PHP-Lance 1.52 - subcat SQL Injection

PHP-Lance 1.52 - subcat SQL Injection Exploit Title: PHP-Lance 1.52 - 'subcat' Parameter SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://www.scriptdemo.com/ Software Link: http://www.scriptdemo.com/details/phplance/ Demo: http://www.scriptdemo.com/php-lance/ Version: 1.52 Categor...