17 matches found
CVE-2019-8404
An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...
Design/Logic Flaw
An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...
Webiness Inventory 2.3 Arbitrary File Upload
=========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor...
Webiness Inventory 2.3 - email SQL Injection
Webiness Inventory 2.3 - email SQL Injection =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'email' SQL Vulnerability Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
Webiness Inventory 2.3 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
Webiness Inventory 2.3 Cross Site Request Forgery / Shell Upload
Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
Webiness Inventory 2.3 SQL Injection
Exploit Title: Webiness Inventory 2.3 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link: https://kent.dl.sourceforge.net/project/webinessinventory/2.3/webinessinventory-2.3.zip Version: 2.3 Category...
Webiness Inventory 2.3 - order SQL Injection
Webiness Inventory 2.3 - order SQL Injection Exploit Title: Webiness Inventory 2.3 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
Webiness Inventory 2.3 - Arbitrary File Upload Cross-Site Request Forgery (Add Admin)
Webiness Inventory 2.3 - Arbitrary File Upload Cross-Site Request Forgery Add Admin Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage:...
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
CVE-2018-18752
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...
CVE-2018-18752
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...
Privilege escalation
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...
CVE-2018-18752
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...