9 matches found
Users Ultra <= 3.1.0 - Unauthenticated SQL Injection
The plugin fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection. curl...
Reside Property Management 3.0 - 'profile' SQL Injection
Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...
Webkiller v2.0 - Tool Information Gathering
Tool Information Gathering Write With Python. PreView ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗ ██████╔╝████&9608 ;╔╝ ██║██║ ██║ █████╗ ██████╔╝ ██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗...
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Category : Webapps Software Link:...
WordPress Fruitful 3.8 Cross Site Scripting
Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Link: https://downloads.wordpress.org/theme/fruitful.3.8.zip Vendo...
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Lin...
TeleKiller - A Tool Session Hijacking And Stealer Local Passcode Telegram Windows
A Tools Session Hijacking And Stealer Local passcode Telegram Windows. Features : Session Hijacking Stealer Local Passcode Keylogger Shell Bypass 2 Step Verification Bypass Av Coming Soon InstallationWindows git clone https://github.com/ultrasecurity/TeleKiller.git cd TeleKiller pip install -r...
Webkiller - Tool Information Gathering Write By Python.
Tool Information Gathering Write With Python. ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗ ██████╔╝█████╔╝ ██║██║ ██║ █████╗ ██████╔╝ ██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗...
SA-2008-007 - Drupal core - Cross site scripting (register_globals)
When theme .tpl.php files are accessible via the web and the PHP setting registerglobals is set to enabled, anonymous users are able to execute cross site scripting attacks via specially crafted links. Drupals .htaccess attempts to set registerglobals to disabled and also prevents access to...