Lucene search
K

17 matches found

OSV
OSV
added 2019/05/14 4:29 p.m.12 views

CVE-2019-8404

An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...

6.5CVSS6.3AI score
Exploits0References3
Prion
Prion
added 2019/05/14 4:29 p.m.10 views

Design/Logic Flaw

An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...

5.5CVSS6.2AI score0.08018EPSS
Exploits5References3Affected Software1
Packet Storm
Packet Storm
added 2019/02/19 12:0 a.m.40 views

Webiness Inventory 2.3 Arbitrary File Upload

=========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

0.08018EPSS
Exploits5
0day.today
0day.today
added 2019/02/18 12:0 a.m.35 views

Webiness Inventory 2.3 - ProductModel Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

6.6AI score0.08018EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/18 12:0 a.m.49 views

Webiness Inventory 2.3 - ProductModel Arbitrary File Upload

Webiness Inventory 2.3 - ProductModel Arbitrary File Upload =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor...

5.5CVSS0.2AI score0.08018EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/11 12:0 a.m.26 views

Webiness Inventory 2.3 - email SQL Injection

Webiness Inventory 2.3 - email SQL Injection =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'email' SQL Vulnerability Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

8.6AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.257 views

Webiness Inventory 2.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.127 views

Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/14 12:0 a.m.193 views

Webiness Inventory 2.3 Cross Site Request Forgery / Shell Upload

Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/14 12:0 a.m.209 views

Webiness Inventory 2.3 SQL Injection

Exploit Title: Webiness Inventory 2.3 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link: https://kent.dl.sourceforge.net/project/webinessinventory/2.3/webinessinventory-2.3.zip Version: 2.3 Category...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/11/13 12:0 a.m.19 views

Webiness Inventory 2.3 - order SQL Injection

Webiness Inventory 2.3 - order SQL Injection Exploit Title: Webiness Inventory 2.3 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2018/11/13 12:0 a.m.14 views

Webiness Inventory 2.3 - Arbitrary File Upload Cross-Site Request Forgery (Add Admin)

Webiness Inventory 2.3 - Arbitrary File Upload Cross-Site Request Forgery Add Admin Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage:...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/13 12:0 a.m.38 views

Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)

Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

7.4AI score
Exploits0
NVD
NVD
added 2018/10/29 12:29 p.m.14 views

CVE-2018-18752

Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...

9.8CVSS9.6AI score0.02297EPSS
Exploits1References1
OSV
OSV
added 2018/10/29 12:29 p.m.18 views

CVE-2018-18752

Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...

9.8CVSS7.2AI score
Exploits0References1
Prion
Prion
added 2018/10/29 12:29 p.m.9 views

Privilege escalation

Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...

7.5CVSS9.5AI score0.02297EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/10/28 5:0 p.m.16 views

CVE-2018-18752

Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...

9.6AI score0.02297EPSS
Exploits1References1
Rows per page
Query Builder