HRSale 1.0.6 Local File Disclosure Vulnerability

Exploit for php platform in category local exploits Exploit Title: HRSALE - HR Management PHP Script - LFD Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: http://hrsale.com Software Buy: https://www.codester.com/items/8599/hrsale-hr-management-php-script Demo:...

Super CMS Blog Pro PHP Script 1.0 Cross Site Scripting

Exploit Title: Super Cms Blog Pro PHP Script v1.0 - XSS Google Dork: N/A Date: 2018/28/7 Exploit Author: GUIA Brahim Fouad Author Mail : [email protected] Vendor Homepage: https://www.codester.com/Seunex Software Buy: https://www.codester.com/items/8005/super-cms-blog-pro-php-script Demo...

Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload

Exploit Title: Super Cms Blog Pro PHP Script v1.0 - Upload shell & SQL Injection Google Dork: N/A Date: 2018/25/7 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/Seunex Software Buy:...

Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Super Cms Blog Pro PHP Script v1.0 - Upload shell & SQL Injection Google Dork: N/A Date: 2018/25/7 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/Seunex Software Buy:...

FTP2FTP 1.0 - Arbitrary File Download

FTP2FTP 1.0 - Arbitrary File Download Exploit Title: FTP2FTP 1.0 - Arbitrary File Download Dork: N/A Date: 18.07.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ftp2ftp-server-to-server-file-transfer-php-script/21972395 Version: 1.0 Category: Webapps...

FTP2FTP 1.0 - Arbitrary File Download

Exploit Title: FTP2FTP 1.0 - Arbitrary File Download Dork: N/A Date: 18.07.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ftp2ftp-server-to-server-file-transfer-php-script/21972395 Version: 1.0 Category: Webapps Tested on: Kali linux Description : The...

FTP2FTP 1.0 Arbitrary File Download

Exploit Title: FTP2FTP 1.0 - Arbitrary File Download Dork: N/A Date: 18.07.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://codecanyon.net/item/ftp2ftp-server-to-server-file-transfer-php-script/21972395 Version: 1.0 Category: Webapps Tested on: Kali linux Description : The...

Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote Code Execution & Local File Disclosure product: Zeta Producer Desktop CMS vulnerable version: =14.2.1 CVE number: CVE-2018-13981, CVE-2018-13980 impact: critical...

Schools Alert Management Script - 'get_sec.php' SQL Injection

Exploit Title: Schools Alert Management Script - 'getsec.php' SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit Author: M3@Pandas Web:...

Schools Alert Management Script - Arbitrary File Deletion

Schools Alert Management Script - Arbitrary File Deletion Exploit Title: Schools Alert Management Script - Arbitrary File Deletion Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web...

Schools Alert Management Script - get_sec.php SQL Injection

Schools Alert Management Script - getsec.php SQL Injection Exploit Title: Schools Alert Management Script - 'getsec.php' SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category:...

Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script - Arbitrary File Read Exploit Title: Schools Alert Management Script - Arbitrary File Read Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web...

Event Manager Admin panel - 'events_new.php' SQL injection

Exploit Title: Event Manager PHP Script Admin panel - 'eventsnew.php' SQL injection Date: 2018-06-10 Exploit Author: telahdihapus Vendor Homepage: https://codecanyon.net/user/ezcode Software Link: https://codecanyon.net/item/eventmanager-php-script-admin-panel/21280741 Tested on: windows 10 1...

Schools Alert Management Script - SQL Injection

Exploit Title: Schools Alert Management Script - SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit Author: M3@Pandas Web:...

Schools Alert Management Script - SQL Injection

Schools Alert Management Script - SQL Injection Exploit Title: Schools Alert Management Script - SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit...

Event Manager Admin panel - events_new.php SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Event Manager PHP Script Admin panel - 'eventsnew.php' SQL injection Exploit Author: telahdihapus Vendor Homepage: https://codecanyon.net/user/ezcode Software Link:...

Facebook Clone Script 1.0.5 Cross Site Request Forgery

Exploit Title: Facebook Clone Script 1.0.5 - Cross-Site Request Forgery Date: 2018-05-29 Exploit Author: L0RD Vendor Homepage: https://www.phpscriptsmall.com/product/facebook-clone/ Version: 1.0.5 Tested on: Win 10 Description : Facebook Clone Script 1.0.5 has csrf vulnerability which attacker ca...

SS-2018-012: Uploaded PHP script execution in assets

More info at https://www.silverstripe.org/download/security-releases/ss-2018-012/...

Private Message PHP Script 2.0 Cross Site Scripting

Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Date: 2018-05-20 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows Description : Private Message PHP Script...

Malicious PHP Script Infects 2,400 Websites in the Past Week

A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to an effective Hypertext Preprocessor PHP script also called Brain Food that h...