Alumni Tracer SMS Notification - SQL Injection Cross-Site Request Forgery

Alumni Tracer SMS Notification - SQL Injection Cross-Site Request Forgery Exploit Title: Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery Add/Update Admin Dork: N/A Date: 2018-12-06 Exploit Author: Ihsan Sencan Vendor Homepage:...

Tourism Website Blog - Remote Code Execution SQL Injection

Tourism Website Blog - Remote Code Execution SQL Injection Exploit Title: Tourism Website Blog - Remote Code Execution / SQL Injection Dork: N/A Date: 2018-12-06 Exploit Author: Ihsan Sencan Vendor Homepage:...

WordPress MagicMembers 1.0 Database Disclosure

Exploit Title : WordPress MagicMembers Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : wordpress.org magicmembers.com github.com/jervy-ez/magic-members-test Software Download Link :...

Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery

Exploit Title: Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery Add/Update Admin Dork: N/A Date: 2018-12-06 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/12825/alumni-tracer-sms-notification-using-phpmysqli.html Software Link:...

Joomla RsGallery2 4.4.1 Database Disclosure

Exploit Title : Joomla ComRsGallery2 Components 4.4.1 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : rsgallery2.org extensions.joomla.org/extension/rsgallery2/ Software Download Link :...

WordPress WP-Bannerize 4.0.2 Database Disclosure

Exploit Title : WordPress WP-Bannerize 4.0.2 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : undolog.com wordpress.org/plugins/wp-bannerize/ Software Download Link :...

WordPress Real-Estate-Listing-Realtyna-Wpl 4.3.2 Database Disclosure

Exploit Title : WordPress Real-Estate-Listing-Realtyna-Wpl Plugins 4.3.2 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : realtyna.com wordpress.org/plugins/real-estate-listing-realtyna-wpl/ Software Download...

Joomal Migrator 1.5 Database Disclosure

Exploit Title : Joomla ComMigrator Components 1.5 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : extensions.joomla.org/category/joomla-migration/ Software Download Link : docs.joomla.org/Migration Tested On ...

WordPress HighStand 4.6.1 Database Disclosure

Exploit Title : WordPress HighStand Themes 4.6.1 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : wordpress.org Software Download Link :...

WordPress Total-Child-Theme-Master 1.0 Arbitrary File Disclosure

Exploit Title : WordPress Total-Child-Theme-Master Themes 1.0 Arbitrary File Download Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : wordpress.org wpexplorer-themes.com/total/docs/child-theme/ Software Download Link :...

i-doit CMDB 1.11.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version:...

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Software Link: httpås://loganalyzer.adiscon.com/ https://github.com/rsyslog/loganalyzer Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website:...

i-doit CMDB 1.11.2 - Remote Code Execution

i-doit CMDB 1.11.2 - Remote Code Execution Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Versio...

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Exploit Title: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Date: 2018-12-05 Software Link: httpås://loganalyzer.adiscon.com/ https://github.com/rsyslog/loganalyzer Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website:...

Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting

Exploit Title: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Date: 2018-12-05 Software Link: httpås://loganalyzer.adiscon.com/ https://github.com/rsyslog/loganalyzer Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website: http://cintainfinita.com/ CVE: CVE-2018-19877...

i-doit CMDB 1.11.2 - Remote Code Execution

Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version: v1.11.2 Category: Webapps Tested on: XAM...

i-doit CMDB 1.11.2 Remote Code Execution

Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version: v1.11.2 Category: Webapps Tested on: XAM...

Hasan MWB 1.0 Time-Based SQL Injection

=================================================== Hasan MWB v1.0 - Multiple Time-Based SQL Injections =================================================== Exploit Title: Hasan MWB v1.0 - Multiple Time-Based SQL Injections Date: 12-04-2018 Category: Webapps Author: Socket0x03 Alvaro J. Gene Email...

WordPress BatchMove 1.5 Database Disclosure

Exploit Title : WordPress BatchMove Plugins 1.5 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/batchmove/ Software Download Link : github.com/wp-plugins/batchmove/archive/master.zip +...

WordPress WP-Syntax Download Extension 1.1.1 Database Disclosure

Exploit Title : WordPress WP-Syntax Download Extension Plugins 1.1.1 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/wp-syntax-download-extension/ +...