OOP CMS BLOG 1.0 - search SQL Injection

OOP CMS BLOG 1.0 - search SQL Injection Exploit Title: OOP CMS BLOG 1.0 - 'search' SQL Injection Dork: N/A Date: 2018-11-06 Exploit Author: Ihsan Sencan Vendor Homepage: http://zsoft.com.bd/ Software Link: https://datapacket.dl.sourceforge.net/project/php-oop-cms-blog/blogforup.zip Version: 1.0...

OpenBiz Cubi Lite 3.0.8 - username SQL Injection

OpenBiz Cubi Lite 3.0.8 - username SQL Injection Exploit Title: OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection Date: 2018-11-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sourceforge.net/projects/bigchef/ Software Link:...

OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)

OOP CMS BLOG 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: OOP CMS BLOG 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-06 Exploit Author: Ihsan Sencan Vendor Homepage: http://zsoft.com.bd/ Software Link:...

OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection

Exploit Title: OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection Date: 2018-11-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sourceforge.net/projects/bigchef/ Software Link: https://sourceforge.net/projects/bigchef/files/latest/download...

OOP CMS BLOG 1.0 - 'search' SQL Injection

Exploit Title: OOP CMS BLOG 1.0 - 'search' SQL Injection Dork: N/A Date: 2018-11-06 Exploit Author: Ihsan Sencan Vendor Homepage: http://zsoft.com.bd/ Software Link: https://datapacket.dl.sourceforge.net/project/php-oop-cms-blog/blogforup.zip Version: 1.0 Category: Webapps Tested on:...

OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: OOP CMS BLOG 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-06 Exploit Author: Ihsan Sencan Vendor Homepage: http://zsoft.com.bd/ Software Link: https://datapacket.dl.sourceforge.net/project/php-oop-cms-blog/blogforup.zip Version: 1.0 Category: Webapps Tested on...

SiAdmin 1.1 - id SQL Injection

SiAdmin 1.1 - id SQL Injection Exploit Title: SiAdmin 1.1 - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.bubul.net/ Software Link: https://kent.dl.sourceforge.net/project/siadmin/SiAdmin%201.1/SiAdmin%201.1.zip Version: 1.1 Category: Webap...

Voovi Social Networking Script 1.0 - user SQL Injection

Voovi Social Networking Script 1.0 - user SQL Injection Exploit Title: Voovi Social Networking Script 1.0 - 'user' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.adminspoint.com/voovi/index.php Software Link:...

Voovi Social Networking Script 1.0 SQL Injection

Exploit Title: Voovi Social Networking Script 1.0 - 'user' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.adminspoint.com/voovi/index.php Software Link: https://netix.dl.sourceforge.net/project/voovi/voovi%20a%20social%20networking%20script.zip...

SiAdmin 1.1 SQL Injection

Exploit Title: SiAdmin 1.1 - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.bubul.net/ Software Link: https://kent.dl.sourceforge.net/project/siadmin/SiAdmin%201.1/SiAdmin%201.1.zip Version: 1.1 Category: Webapps Tested on:...

Poppy Web Interface Generator 0.8 Shell Upload

Exploit Title: Poppy Web Interface Generator 0.8 - Arbitrary File Upload Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://poppy.dc-development.de/ Software Link: https://master.dl.sourceforge.net/project/poppy-beta-rc/poppy0.8betarc.zip Version: 0.8 Category: Webapp...

PHP Proxy 3.0.3 Local File Inclusion

Exploit Title: PHP-Proxy 3.0.3 - Local File Inclusion Date: 04.11.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.php-proxy.com/ Software Link: https://github.com/Athlon1600/php-proxy-app Version: v3.0.3 Category: Webapps Tested on: XAMP...

Mongo Web Admin 6.0 - Information Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Mongo Web Admin 6.0 - Information Disclosure Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mongoadmin.org/ Software Link: https://netix.dl.sourceforge.net/project/mongo-web-admin/mongoDesktopAdminSetup-beta-6.exe...

SiAdmin 1.1 - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SiAdmin 1.1 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.bubul.net/ Software Link: https://kent.dl.sourceforge.net/project/siadmin/SiAdmin%201.1/SiAdmin%201.1.zip Version: 1.1 Category: Webapps...

Poppy Web Interface Generator 0.8 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Poppy Web Interface Generator 0.8 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://poppy.dc-development.de/ Software Link: https://master.dl.sourceforge.net/project/poppy-beta-rc/poppy0.8betarc.zip...

PHP Proxy 3.0.3 - Local File Inclusion

Exploit Title: PHP-Proxy 3.0.3 - Local File Inclusion Date: 04.11.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.php-proxy.com/ Software Link: https://github.com/Athlon1600/php-proxy-app Version: v3.0.3 Category: Webapps Tested on: XAMP...

Poppy Web Interface Generator 0.8 - Arbitrary File Upload

Exploit Title: Poppy Web Interface Generator 0.8 - Arbitrary File Upload Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://poppy.dc-development.de/ Software Link: https://master.dl.sourceforge.net/project/poppy-beta-rc/poppy0.8betarc.zip Version: 0.8 Category: Webapp...

SiAdmin 1.1 - 'id' SQL Injection

Exploit Title: SiAdmin 1.1 - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.bubul.net/ Software Link: https://kent.dl.sourceforge.net/project/siadmin/SiAdmin%201.1/SiAdmin%201.1.zip Version: 1.1 Category: Webapps Tested on:...

Gate Pass Management System 2.1 - login SQL Injection

Gate Pass Management System 2.1 - login SQL Injection Exploit Title: Gate Pass Management System 2.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.livebms.com Software Link:...

Fantastic Blog CMS 1.0 - id SQL Injection

Fantastic Blog CMS 1.0 - id SQL Injection Exploit Title: Fantastic Blog CMS 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/ronald-ronniem/ Software Link:...