16 matches found
Savsoft Quiz 6.0 Enterprise Cross Site Scripting
Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux /...
LiveInvoices 1.0 - SQL Injection
Exploit Title: LiveInvoices 1.0 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage : http://livecrm.co/ Software Link: https://codecanyon.net/item/liveinvoices-complete-invoicing-system-crm/20243375 Demo: http://liveinvoices.livecrm.co/livecrm/web/ Version: 1.0 Category: Webapps Tested on...
Akeneo PIM Cross Site Scripting
Affected software: Akeneo Online Demo Type of vulnerability: stored xss URL: http://www.akeneo.com/demo/ Discovered by: Provensec Website: http://www.provensec.com Description:Akeneo is an open source Product Information Management PIM system designed for retailers looking for efficient answers t...
Ilch CMS Cross Site Request Forgery
Affected software: Ilch cms Type of vulnerability: csrf URL: http://www.ilch.de/ Discovered by: Provensec Website: http://www.provensec.com Description: Ilch cms profile field csrf Proof of concept http://demo.opensourcecms.com/ilch/admin.php?profilefields online demo Above field was vulnerable t...
OctavoCMS Cross Site Scripting
This proprietary content management software is vulnerable to reflected XSS on the file admin/viewer.php, src parameter. Current release on their demo site is vulnerable, same as other few sites I could find. PoC:...
ZeusCart <= 2.3 (maincatid) SQL Injection Vulnerability
No description provided by source. !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Zeus Cart V 2.3 | -Site: http://www.zeuscart.com/ | -Site Demo: http://www.zeuscart.com/onlinedemo.php?action=skip...
Baba-Book Cross Site Scripting
=========================================================================================== Title : Multiple Cross-site Scripting XSS Vulnerabilities Software : Baba-Book Vendor : www.bp371.com Date : 26 April 2009 Indonesia Author : Vrs-hCk Contact : [email protected] Blog :...
ManageEngine Firewall Analyzer 5 XSRF/XSS Vulnerability
No description provided by source. Written By Michael Brooks Special thanks to str0ke! Product: ManageEngine Firewall Analyzer 5 - XSRF and XSS Vulerable version: Build Version : 5.0.0 Build Number : 5000 Build Date : Apr25 homepage: http://fwanalyzer.com/ This is live exploit code against the...
Sepcity Classified (classdis.asp ID) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Sepcity Classified classdis.asp ID SQL Injection Vulnerability ================================================================...
Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Pilot Online Training Solution Remote SQL Injection Vulnerbility +==-- --==+================================================================================+==--...
Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Pilot Group eTraining newsread.php id SQL Injection Vulnerability ====================================================================...
Basic PHP Events Lister 1.0 - SQL Injection
/ \ /\ /\ / \ / \ | | | | \ / / ||| | | | | | | | | | \ / \ | | | | | | || | / \ \ | | || | / / /\ \ |/ / / / Basic PHP Events Lister Remote SQL Injection Author: 0x90 HomePage: www.0x90.com.ar Contact: Gunsat0x90dotcomdotar Script: Basic PHP Events Lister site: http://www.mevin.com Donload:...
MyFWB 1.0 (index.php page) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================= MyFWB 1.0 index.php page Remote SQL Injection Vulnerability ============================================================= MyFWB 1.0 Remote SQL Injection Author: 0x90 Product:...
XSS UMI CMS
UMI CMS xss url:umi-cms.ru /search/searchdo/?searchstring=2220onmouseover=22javacript:alert; Проверено на онлайн-демо...
IE6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit
No description provided by source. !-- IE6 / Provideo Camimage class ISSCamControl.dll 1.0.1.5 remote seh overwrite exploit / win2k sp4 tried the SD-222VPRO camera series,you can reach an online demo here: http://www.provideo.com.tw/security%20live%20demo.htm rgod -- HTML...
Microsoft Internet Explorer 6 Provideo Camimage - ISSCamControl.dll 1.0.1.5 Remote Buffer Overflow
Microsoft Internet Explorer 6 Provideo Camimage - ISSCamControl.dll 1.0.1.5 Remote Buffer Overflow REM metasploit one, add a user 'su' with pass 'tzu' shellcode =...