phpMyAdmin 4.7.x Cross Site Request Forgery

Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql5 CVE: CVE-2017-1000499 Exploit CSRF ...

phpMyAdmin 4.7.x - Cross-Site Request Forgery

phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on:...

phpMyAdmin 4.7.x - Cross-Site Request Forgery

Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql5 CVE: CVE-2017-1000499 -- Original...

HongCMS 3.0.0 SQL Injection

Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE : CVE-2018-12912 POC Administrator...

HongCMS 3.0.0 - (Authenticated) SQL Injection

Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE : CVE-2018-12912 POC Administrator...

HongCMS 3.0.0 - (Authenticated) SQL Injection

HongCMS 3.0.0 - Authenticated SQL Injection Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5...

WordPress Core 4.9.6 - (Authenticated) Arbitrary File Deletion

WordPress Core 4.9.6 - Authenticated Arbitrary File Deletion Exploit Title: Wordpress = 4.9.6 Arbitrary File Deletion Vulnerability Date: 2018-06-27 Exploit Author: VulnSpy Vendor Homepage: http://www.wordpress.org Software Link: http://www.wordpress.org/download Version: = 4.9.6 Tested on: php7...

WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion

Exploit Title: Wordpress = 4.9.6 Arbitrary File Deletion Vulnerability Date: 2018-06-27 Exploit Author: VulnSpy Vendor Homepage: http://www.wordpress.org Software Link: http://www.wordpress.org/download Version: = 4.9.6 Tested on: php7 mysql5 CVE : Step 1: curl -v...

phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0...

phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)

Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Date: 2018-06-21 Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0, 4.8.1 Tested on: php7 mysql5 CVE :...

Joomla Component RSComments 1.0.0 Persistent XSS

No description provided by source. Exploit Title: Joomla Component RSComments 1.0.0 Multiple XSS Vulnerabilities Date: 18 May 2010 Author: jdc Software Link: http://www.rsjoomla.com Version: 1.0.0 Tested on: PHP5, MySQL5 Name Field Persistent XSS -------------------------...

Joomla Component Answers 2.3beta - Multiple Vulnerabilities

No description provided by source. Exploit Title: Joomla Component Answers v2.3beta Multiple Vulnerabilities Date: 25 May 2010 Author: jdc Software Link: http://extensions.joomla.org/extensions/communication/forum/12652 Version: 2.3beta Tested on: PHP5, MySQL5 Blind SQL Injection...

chCounter indirect SQL Injection and XSS Vulnerabilities

No description provided by source. Exploit Title: chCounter indirect SQL Injection and XSS Vulnerabilities Date: 29.04.2010 Author: Valentin Category: webapps/0day Version: 3.1.1 Tested on: Debian, Apache2, PHP5, MySQL5 CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1...

ownrs blog beta3 (sql/xss) Multiple Vulnerabilities

No description provided by source. ============================================================== OwnRS Blog beta3 SQL/XSS Multiple Remote Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

joomla component ozio gallery 2 - Multiple Vulnerabilities

No description provided by source. !-- Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities Date: 28 May 2010 Author: jdc Software Link: http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883 Version: 2.4 Tested on: PHP5, MySQL5 -- h2Ozio Gallery 2/h2...

ColdFusion Zero day vulnerability : Remote File Disclosure of Password Hashes

ColdFusion Zero day vulnerability : Remote File Disclosure of Password Hashes Yesterday Blackhatacademy Released Fully automated MySQL5 boolean based enumeration tool. Today Another post expose the most critical ColdFusion vulnerability affects about a tenth of all ColdFusion servers at the...

Fully automated MySQL5 boolean based enumeration tool

Fully automated MySQL5 boolean based enumeration tool Blackhatacademy Developers releases Fully automated MySQL5 boolean based enumeration tool. By default, this script will first determine username, version and database name before enumerating the informationschema information. When the -q flag ...

Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload

Joomla! Component commtree 2.1.5 - Arbitrary File Upload Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shel...

Joomla Gallery XML 1.1 Local File Inclusion / SQL Injection

Exploit Title: Joomla Component Gallery XML 1.1 Multiple Vulnerabilities Date: 18 May 2010 Author: jdc Software Link: http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/12504 Version: 1.1 Tested on: PHP5, MySQL5 Local File Include ------------------...

Joomla JFaq 1.2 SQL Injection / Cross Site Scripting

Exploit Title: Joomla Component JFaq 1.2 Multiple Vulnerabilities Date: 11 May 2010 Author: jdc Version: 1.2 Tested on: PHP5, MySQL5 "title" input SQL injection --------------------------- title', select concatusername,char32,password from users where gid=25 limit 1, 1, 1, 1, 1, 1 -- ' id SQL...