Manage Engine ServiceDesk Plus 9.3 - Privilege Escalation Exploit

Exploit for windows platform in category web applications !/usr/bin/python Exploit Title: Manage Engine ServiceDesk Plus Version 9.3 Privileged Account Hijacking Exploit Author: Ata Hakçıl, Melih Kaan Yıldız Vendor: ManageEngine Vendor Homepage: www.manageengine.com Product: Service Desk Plus...

Premium Servers List Tracker 1.0 SQL Injection

Exploit Title: Premium Servers List Tracker v1.0 a SQL Injection Date: 02.08.2017 Vendor Homepage: https://codecanyon.net/item/premium-servers-list-tracker/19796599?srank=270 Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits...

NewsBee CMS - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: NewsBee CMS – SQL Injection Date: 06.02.2017 Software Link: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937?srank=2 Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website:...

Property Listing Script - 'propid' Blind SQL Injection

Exploit Title: Property Listing Script – Time-Based Blind Injection Date: 02.02.2017 Vendor Homepage: http://phprealestatescript.org/ Software Link: http://phprealestatescript.org/property-listing-script.html Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com...

Seditio 165 Cross Site Request Forgery / Backup Disclosure

============================================= Vulnerable Software: Seditio v165 Downloaded from: http://seditio-eklenti.com/datas/users/1-seditio.165.rar This version is under development of Kaan $ md5sum 1-seditio.165.rar 2eebc8d80f7fcd4e9a0d0659ef193488 1-seditio.165.rar...