202 matches found
LogicalDOC Enterprise 7.7.4 - Directory Traversal Vulnerability
Exploit for java platform in category web applications LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free...
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution Via Binary Path Manipulation Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary:...
LogicalDOC Enterprise 7.7.4 Directory Traversal
LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free document management system that is designed to handle...
Complain Management System - Hard-Coded Credentials Blind SQL injection
Complain Management System - Hard-Coded Credentials Blind SQL injection Exploit Title : Complain Management System Blind SQL Injection Date: 10 October 2017 Exploit Author: havysec Tested on: ubuntu14.04 Vendor: https://sourceforge.net/projects/complain-management-system/ Version: not supplied...
shopify-scripts: SIGSEGV - mrb_obj_value
Linux Ubuntu Xenial 64 commit f8b31a0db671b71d2794ce866b87596a09c10bf0 Author: Yukihiro "Matz" Matsumoto Date: Wed Mar 15 09:00:03 2017 +0900 output RAX: 0x0 RBX: 0x6c4e80 -- 0x1 RCX: 0x6c4e50 -- 0x6b4320 -- 0x112 RDX: 0xf222f69400000003 RSI: 0x6b4320 -- 0x112 RDI: 0x0 RBP: 0x7fffffffdb10 --...
Drale DBTableViewer 100123 - Blind SQL Injection
Drale DBTableViewer 100123 - Blind SQL Injection Drale DBTableViewer v100123 - Blind SQL Injection Exploit Title: drale DBTableViewer - SQL Injection (Blind/Error Base) Date: 2016-06-08 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://drale.com/ Software Link:...
Gongwalker API Manager 1.1 - Blind SQL Injection
gongwalker API Manager v1.1 - Blind SQL Injection Exploit Title: gongwalker API Manager v1.1 - Blind SQL Injection Date: 2016-01-25 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/gongwalker/ApiManager Software Link:...
ClassAd 3.0 SQL Injection
Blind SQL Injection on ClassAd Risk: High CWE number: CWE-89 Date: 9/11/2014 Vendor: projects-and-software.de Version: 3.0 Author: Felipe " Renzi " Gabriel Contact: [email protected] Tested on: Linux Ubuntu 14.04; Mozilla Firefox 34.0; sqlmap 1.0-dev-nongit-20141106 Vulnerable File: showads.php...
Free open source photo album Piwigo <= v2.6.0 SQL injection 0day vulnerability - vulnerability warning - the black bar safety net
Piwigo is the world's most famous free open source photo album system, built on a PHP+MySQL architecture. Because the framework is easy to set up, it is favored by developers at home and abroad. Recently, a critical 0day vulnerability was disclosed in Piwigo <= v2.6.0. Cause of the vulnerability: Piwigo photo album system /piwigo/picture. p...
Eleanor CMS Open Redirect
URL Open Redirect on Eleanor CMS Risk: Low CWE number: CWE-601 Vendor: eleanor-cms.ru Version: All Date: 11/11/2014 Author: Felipe " Renzi " Gabriel Contact: [email protected] Tested on Linux Ubuntu 14.04 ; Mozilla Firefox 33.0 Vulnerable File: go.php Exploit: +...
Bacula-Web 5.2.10 (joblogs.php, jobid param) - SQL Injection
Google search: joblogs.php?jobid= Example: http://cep.treslagoas.ms.gov.br/backup/joblogs.php?jobid=23154 D:\sqlmappython sqlmap.py -u http://cep.treslagoas.ms.gov.br/backup/joblogs.php ?jobid=23154 --dbs | | 1.0-dev-nongit-20150806 | -| . | | | .'| . | || |||||,| | || || http://sqlmap.org ! legal disclaimer:...
SePortal 2.5 - SQL Injection Vulnerability
No description provided by source. Exploit: SePortal 2.5 Sql Injection Vulnerability Author: jsass Date : 19\03\2014 Contact Twitter: @Kwsecurity Script: http://www.seportal.org/ version: 2.5 Tested on: Linux Ubuntu 12.4 & Windows 7 Dork : Powered by SePortal 2.5 // Searching And Analysis By Kuwai...
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC
No description provided by source. !-- + Title: Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC + Version: 2.0 Beta 1.1 not tested with older versions + Note: No need administrator to be logged : + Tested on: Linux Ubuntu 11.04 Google Chrome but will work in any other OS + Download...
Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability
No description provided by source. ============================================================= Zoopeer 0.1 & 0.2 fckeditor Zoopeer Shell Upload Vulnerability ============================================================= Exploit Title: Zoopeer 0.1 & 0.2 fckeditor Date: 27-10-2010 Author:...
ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection Vulnerability
No description provided by source. ZeroCMS v1.0 SQL Injection Vulnerability zero_transact_article.php article_id POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 - http://cwe.mitre.org/data/definitions/89.html CVE:...
WSN Links Script 2.3.4 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WSN Links Script SQL Injection Vulnerability Google Dork: Powered by WSN Links Date: 1/1/2012 Author: H4ckCity Security Team Discovered By: farbodmahini Home: WwW.H4ckCity.Org Software Link: http://scripts.webmastersite.net/wsnlinks Version: All...
Sendy 1.1.9.1 - SQL Injection Vulnerability
No description provided by source. Exploit Title: Sendy 1.1.9.1 - SQL Injection Vulnerability Date: 2014-04-10 Exploit Author: marduk369 Vendor Homepage: http://sendy.co/ Software Link: http://sendy.co/ Version: 1.1.9.1 root@kali: sqlmap -u 'http://server1/send-to?i=1&c=10'...
Subdreamer Pro 3.0.4 - CMS Upload Vulnerability
No description provided by source. Exploit Title: Subdreamer Pro v3.0.4 CMS upload Vulnerability Author: Battousai Home:...
Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities
No description provided by source. + Exploit Title : kayako xss/xsrf Remote Vulnerabilities + Author : By D3V!L FUCKER + Script Link : http://www.kayako.com/solutions/esupport/ + Version : Kayako eSupport v3.04.10 + Tested on : linux ubuntu 9.10 + Code : +++++++++++++++++++++++++...
ZeroCMS 1.0 SQL Injection
ZeroCMS v1.0 SQL Injection Vulnerability zero_transact_article.php article_id POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 - http://cwe.mitre.org/data/definitions/89.html CVE: CVE-2014-4194 Date: 20/06/2014...