Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2018/10/22 12:0 a.m.19 views

MySQL Edit Table 1.0 - id SQL Injection

MySQL Edit Table 1.0 - id SQL Injection Exploit Title: MySQL Edit Table 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.bookman.nl Software Link: https://sourceforge.net/projects/sql-edit-table/files/latest/download Version: 1.0...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.15 views

Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)

Microsoft Windows 10 - Local Privilege Escalation UAC Bypass !/usr/bin/env python Exploit Title: Windows 10 UAC Bypass by computerDefault Date: 2018-10-18 Exploit Author: Fabien DROMAS - Security consultant @ Synetis Twitter: st0rnpentest Vendor Homepage: www.microsoft.com Version: Version...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.15 views

Apple iOSmacOS - Sandbox Escape due to mach Message sent from Shared Memory

Apple iOSmacOS - Sandbox Escape due to mach Message sent from Shared Memory iohideventsystem sets up a shared memory event queue; at the end of this shared memory buffer it puts a mach message which it sends whenever it wants to notify a client that there's data available in the queue. As a clien...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.29 views

Apple Intel GPU Driver - Use-After-FreeDouble-Delete due to bad Locking

Apple Intel GPU Driver - Use-After-FreeDouble-Delete due to bad Locking / This PoC file might look familiar; this bug is a trivial variant of CVE-2016-1744 Apple bug id 635599405. That report showed the bug in the unmapusermemory external methods; a variant also exists in the mapusermemory extern...

9.3CVSS6.4AI score0.04157EPSS
Exploits4
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.59 views

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboardd and on MacOS by hidd. The actual implementation is ...

Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.13 views

Audacity 2.3 - Denial of Service (PoC)

Audacity 2.3 - Denial of Service PoC Exploit Title: AudaCity 2.3 - Denial of Service PoC Author: Kağan Çapar Discovery Date: 2018-10-19 Software Link: https://www.fosshub.com/Audacity.html Vendor Homepage : https://www.audacityteam.org Tested Version: 2.3 Tested on OS: Windows 10 x64/86 Normal us...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/20 12:0 a.m.15 views

LibSSH 0.7.6 0.8.4 - Unauthorized Access

LibSSH 0.7.6 0.8.4 - Unauthorized Access !/usr/bin/env python3 import sys import paramiko import socket import logging pip3 install paramiko==2.0.8 logging.basicConfigstream=sys.stdout, level=logging.DEBUG logging.basicConfigstream=sys.stdout bufsize = 2048 def executehostname, port, command: soc...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/18 12:0 a.m.11 views

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add Admin)

PHP-SHOP master 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2018/10/18 12:0 a.m.14 views

OwnTicket 1.0 - TicketID SQL Injection

OwnTicket 1.0 - TicketID SQL Injection Exploit Title: OwnTicket 1.0 - 'TicketID' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: https://ownticket.sourceforge.io/ Software Link: https://sourceforge.net/projects/ownticket/files/latest/download Version: 1.0...

Exploits0
exploitpack
exploitpack
added 2018/10/18 12:0 a.m.20 views

libSSH - Authentication Bypass

libSSH - Authentication Bypass !/usr/bin/env python3 import paramiko import socket import argparse from sys import argv, exit parser = argparse.ArgumentParserdescription="libSSH Authentication Bypass" parser.addargument'--host', help='Host' parser.addargument'-p', '--port', help='libSSH port',...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/18 12:0 a.m.15 views

Learning with Texts 1.6.2 - start SQL Injection

Learning with Texts 1.6.2 - start SQL Injection Exploit Title: Learning with Texts 1.6.2 - 'start' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://lwt.sourceforge.net/ Software Link: https://sourceforge.net/projects/lwt/files/latest/download Version:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.27 views

Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)

Time and Expense Management System 3.0 - Cross-Site Request Forgery Add Admin Exploit Title: Time and Expense Management System 3.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link:...

Exploits0
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.13 views

Any Sound Recorder 2.93 - Buffer Overflow (SEH)

Any Sound Recorder 2.93 - Buffer Overflow SEH Exploit Title: Any Sound Recorder 2.93 - Buffer Overflow SEH Exploit Author: Abdullah Alic Discovery Date: 2018-10-16 Homepage: http://www.any-sound-recorder.com Software Link: http://www.any-sound-recorder.com/anysoundrecorder.exe Version: 2.93 Teste...

1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.32 views

TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure

TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Exploit Title: TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-17 Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.com Affected version: 1.6.18P12121101 Test...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.33 views

BigTree CMS 4.2.23 - Cross-Site Scripting

BigTree CMS 4.2.23 - Cross-Site Scripting Exploit Title: BigTree CMS 4.2.23 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.bigtreecms.org/ Software Link : https://github.com/bigtreecms/BigTree-CMS/ Software : BigTree CMS Version : 4.2.23...

4.3CVSS6.1AI score0.03648EPSS
Exploits4
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.16 views

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

Exploits0
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.19 views

Time and Expense Management System 3.0 - table SQL Injection

Time and Expense Management System 3.0 - table SQL Injection Exploit Title: Time and Expense Management System 3.0 - 'table' SQL Injection Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.31 views

Kados R10 GreenBee - release_id SQL Injection

Kados R10 GreenBee - releaseid SQL Injection Exploit Title: Kados R10 GreenBee - 'releaseid' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.kados.info/ Software Link: https://sourceforge.net/projects/kados/ Version: R10 GreenBee Category: Webapp...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.12 views

MV Video Sharing Software 1.2 - searchname SQL Injection

MV Video Sharing Software 1.2 - searchname SQL Injection Exploit Title: MV Video Sharing Software 1.2 - 'searchname' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: https://melerovideo.com/software/ Software Link:...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.13 views

Microsoft Windows - FSCTL_FIND_FILES_BY_SID Information Disclosure

Microsoft Windows - FSCTLFINDFILESBYSID Information Disclosure Windows: FSCTLFINDFILESBYSID Information Disclosure Platform: Windows 10 1709, 1803 Class: Information Disclosure / Elevation of Privilege Summary: The FSCTLFINDFILESBYSID control code doesn’t check for permissions to list a directory...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.14 views

GIU Gallery Image Upload 0.3.1 - category SQL Injection

GIU Gallery Image Upload 0.3.1 - category SQL Injection Exploit Title: GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: http://tradesouthwest.com Software Link: https://sourceforge.net/projects/giugalleryimageupload...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.10 views

HotelDruid 2.2.4 - anno SQL Injection

HotelDruid 2.2.4 - anno SQL Injection Exploit Title: HotelDruid 2.2.4 - 'anno' SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.hoteldruid.com/ Software Link: http://www.hoteldruid.com/en/download.html Version: 2.2.4 Category: Webapps Tested on:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.21 views

Navigate CMS 2.8.5 - Arbitrary File Download

Navigate CMS 2.8.5 - Arbitrary File Download Exploit Title: Navigate CMS 2.8.5 - Arbitrary File Download Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.navigatecms.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.12 views

Vishesh Auto Index 3.1 - fid SQL Injection

Vishesh Auto Index 3.1 - fid SQL Injection Exploit Title: Vishesh Auto Index 3.1 - 'fid' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.vishesh.cf/ Software Link: https://sourceforge.net/projects/vishesh-wap-auto-index/files/latest/download...

1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.17 views

Rukovoditel Project Management CRM 2.3 - path SQL Injection

Rukovoditel Project Management CRM 2.3 - path SQL Injection Exploit Title: Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.22 views

Library CMS 2.1.1 - Cross-Site Scripting

Library CMS 2.1.1 - Cross-Site Scripting Exploit Title: Library CMS 2.1.1 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://kaasoft.pro/ Software Link : https://library.kaasoft.pro/ Software : Library CMS - Powerful Book Management System Version : v...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.26 views

WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting

WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting Exploit Title: Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: https://schiocco.com/ Software Link : https://board.support/ Software : Support Board - Chat And...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.27 views

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Exploit Title: Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Dork: intitle:"Heatmiser Wifi Thermostat" Date: 2018-08-17 Exploit Author: d0wnp0ur Original Discoverer: Andrew Tierney Vendor Lnk: https://www.heatmiser.com/en/ Product Link...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.138 views

Git Submodule - Arbitrary Code Execution

Git Submodule - Arbitrary Code Execution CVE-2018-17456 I've gotten a couple of questions about exploitation for the recent RCE in Git. So here we go with some technical details. TL;DR Here is a PoC repository. EDB Note: Mirror...

7.5CVSS0.3AI score0.97356EPSS
Exploits20
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.15 views

Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)

Academic Timetable Final Build 7.0b - Cross-Site Request Forgery Add Admin Exploit Title: Academic Timetable Final Build 7.0b - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://geoffpartridge.net/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.40 views

Advanced HRM 1.6 - Remote Code Execution

Advanced HRM 1.6 - Remote Code Execution Exploit Title: Advanced HRM 1.6 - Remote Code Execution Google Dork: intext:"Advanced HRM" Date: 2018-10-06 Exploit Author: Renos Nikolaou Vendor Homepage: https://coderpixel.com/ Software Link: https://codecanyon.net/item/advanced-hrm/17767006 Version: 1....

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.26 views

College Notes Management System 1.0 - user SQL Injection

College Notes Management System 1.0 - user SQL Injection Exploit Title: College Notes Management System 1.0 - 'user' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://anirbandutta.ml/ Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.35 views

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.20 views

MaxOn ERP Software 8.x-9.x - nomor SQL Injection

MaxOn ERP Software 8.x-9.x - nomor SQL Injection Exploit Title: MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.talagasoft.com Software Link: http://demo.maxonerp.com/ Software Download:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.35 views

FLIR Brickstream 3D+ - RTSP Stream Disclosure

FLIR Brickstream 3D+ - RTSP Stream Disclosure FLIR Systems FLIR Brickstream 3D+ Unauthenticated RTSP Stream Disclosure Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842 Api: 1.0.0 Node: 0.10.33 Onvif: 0.1.1.47 Summary: The Brickstream...

Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.32 views

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Auhor: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13 O...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.12 views

Snes9K 0.0.9z - Buffer Overflow (SEH)

Snes9K 0.0.9z - Buffer Overflow SEH...

3.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.12 views

Academic Timetable Final Build 7.0 - Information Disclosure

Academic Timetable Final Build 7.0 - Information Disclosure \n"; printr$ver; echo "\n"; / Array sEcho = 10 iTotalRecords = 3 iTotalDisplayRecords = 3 aaData = Array 0 = Array 0 = testdb1 1 = testdb1 2 = ADMIN 3 = 6CC4E8CFFEAF202D7475BC906612F9A29A9C8117 1 = Array 0 = ADMIN 1 = admin 2 = ADMIN...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.14 views

Academic Timetable Final Build 7.0a-7.0b - id SQL Injection

Academic Timetable Final Build 7.0a-7.0b - id SQL Injection Exploit Title: Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://geoffpartridge.net/ Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.37 views

FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.19 views

KORA 2.7.0 - cid SQL Injection

KORA 2.7.0 - cid SQL Injection Exploit Title: KORA 2.7.0 - SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.matrix.msu.edu/ Software Link: https://sourceforge.net/projects/kora/files/latest/download Version: 2.7.0 Category: Webapps Tested on:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.47 views

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Exploit Title: FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842,...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.22 views

Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities

Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities Exploit Title: Centos Web Panel 0.9.8.480 Multiple Vulnerabilities Exploit Author: Seccops - Siber Güvenlik Hizmetleri https://seccops.com Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/system-requiremen...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.26 views

AlchemyCMS 4.1 - Cross-Site Scripting

AlchemyCMS 4.1 - Cross-Site Scripting Exploit Title: AlchemyCMS 4.1 - Cross-Site Scripting Date: 2018-10-14 Exploit Author: Ismail Tasdelen Vendor Homepage: https://alchemy-cms.com/ Software Link : https://github.com/AlchemyCMS/alchemycms Software : AlchemyCMS Version : 4.1-stable Vulernability...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.94 views

NoMachine 5.3.27 - Remote Code Execution

NoMachine 5.3.27 - Remote Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NOMACHINE-TROJAN-FILE-REMOTE-CODE-EXECUTION.txt + ISR: ApparitionSec Greetz: Greetz: indoushka | Eduardo Vendor www.nomachine.com...

6.8CVSS0.1AI score0.04554EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.78 views

CAMALEON CMS 2.4 - Cross-Site Scripting

CAMALEON CMS 2.4 - Cross-Site Scripting Exploit Title: CAMALEON CMS 2.4 - Cross-Site Scripting Date: 2018-10-11 Exploit Author: Ismail Tasdelen Vendor Homepage: http://camaleon.tuzitio.com/ Software Link : https://github.com/owen2345/camaleon-cms Software : CAMALEON CMS Version : 2.4 Vulernabilit...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.37 views

SugarCRM 6.5.26 - Cross-Site Scripting

SugarCRM 6.5.26 - Cross-Site Scripting Exploit Title: SugarCRM 6.5.26 - Cross-Site Scripting Date: 2018-09-29 Exploit Author: Purplemet Security Author Website: https://www.purplemet.com/ Vendor Homepage: https://www.sugarcrm.com/ Software Link: https://sourceforge.net/projects/sugarcrm/ Version:...

4.3CVSS0.04353EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.9 views

HaPe PKH 1.1 - id SQL Injection

HaPe PKH 1.1 - id SQL Injection Exploit Title: HaPe PKH 1.1 - 'id' SQL Injection Dork: N/A Date: 2018-10-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.sitejo.id Software Link: https://sourceforge.net/projects/hape-pkh/files/latest/download Version: 1.1 Category: Webapps Tested on:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.17 views

HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)

HaPe PKH 1.1 - Cross-Site Request Forgery Update Admin Exploit Title: HaPe PKH 1.1 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.sitejo.id Software Link: https://sourceforge.net/projects/hape-pkh/files/latest/download...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.15 views

HaPe PKH 1.1 - Arbitrary File Upload

HaPe PKH 1.1 - Arbitrary File Upload Exploit Title: HaPe PKH 1.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.sitejo.id Software Link: https://sourceforge.net/projects/hape-pkh/files/latest/download Version: 1.1 Category: Webapps Test...

7.4AI score
Exploits0
Total number of security vulnerabilities41207