50738 matches found
Active Super Shop CMS 2.5 HTML Injection
Document Title: =============== Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: ============= 2023-07-04 Vulnerability Laboratory ID VL-ID: ==================================...
Clip Share 4.1.4 Cross Site Scripting
==================================================================================================================================== | Title : Clip Share 4.1.4 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...
BookingWizz 5.5 Information Disclosure
==================================================================================================================================== | Title : BookingWizz v5.5 sensitive information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...
Buzzy News Viral Lists Polls And Videos 1.3.2 Insecure Settings
====================================================================================================================================== | Title : Buzzy - News Viral Lists Polls and Videos V 1.3.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
Bloly 1.3 SQL Injection
==================================================================================================================================== | Title : Bloly v1.3 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | | Vend...
Carbiz Buy Sell Car Marketplace Script 1.2.0 Insecure Settings
====================================================================================================================================== | Title : Carbiz - Buy Sell Car Marketplace Script V 1.2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
brsisCMS 1.0.2 Cross Site Scripting
==================================================================================================================================== | Title : brsisCMS v1.0.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...
Capitol Matrimonial Banquet Centre 1.5 SQL Injection
==================================================================================================================================== | Title : Capitol Matrimonial Banquet Centre v1.5 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Business Website CMS 1.9 SQL Injection
==================================================================================================================================== | Title : Business Website CMS v1.9 Auth Bypass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Catpops Technobiz CMS 4.0 Cross Site Scripting
==================================================================================================================================== | Title : Catpops Technobiz CMS v4.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | ...
CCOM Events CMS 0.1.02 SQL Injection
==================================================================================================================================== | Title : CCOM Events CMS v0.1.02 Sql injecion Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-b...
ChainCity Real Estate Investment Platform 1.0 SQL Injection
Exploit Title: ChainCity Real Estate Investment Platform 1.0 - SQL Injection Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://script.bugfinder.net/chaincity/ Tested on: Windows 10 Pro Impact: Database Access Description SQL...
Admidio 4.2.10 Remote Code Execution
Exploit Title: Admidio v4.2.10 - Remote Code Execution RCE Application: Admidio Version: 4.2.10 Bugs: RCE Technology: PHP Vendor URL: https://www.admidio.org/ Software Link: https://www.admidio.org/download.php Date of found: 10.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...
BloodBank 1.1 SQL Injection
Exploit Title: BloodBank 1.1 - SQL Injection Exploit Author: CraCkEr Date: 15/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/bloodbank/ Tested on: Windows 10 Pro Impact: Database Access Description SQL injection attacks c...
ChainCity Real Estate Investment Platform 1.0 Cross Site Scripting
Exploit Title: ChainCity Real Estate Investment Platform 1.0 - Stored XSS Exploit Author: skalvin aka CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://script.bugfinder.net/chaincity/ Tested on: Windows 10 Pro Impact: Manipulate the content...
Wedding Wonders 1.0 Cross Site Scripting
Exploit Title: Wedding Wonders 1.0 - Stored XSS Exploit Author: CraCkEr Date: 13/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/wedding-wonders-a-matrimonial-and-matchmaking-platform/17 Tested on: Windows 10 Pro Impact: Manipulate t...
Icinga Web 2.10 Remote Code Execution
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Date: 8/07/2023 Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version:...
WBCE 1.6.1 Cross Site Scripting
Exploit Title: WBCE - Stored XSS Date: 07/2023 Exploit Author: Andrey Stoykov Version: 1.6.1 Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com Steps to Exploit: 1. Login to application 2. Browse to following URI "http://host/wbce/admin/pages/intro.php" 3. Paste XSS payload "TEST...
Montage 1.0 Cross Site Scripting
Exploit Title: Montage 1.0 Hotel Booking & Property Selling - Stored XSS Exploit Author: CraCkEr Date: 13/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/montage-a-complete-solution-for-hotel-booking-property-selling/16 Tested on:...
WordPress Force Images Download 1.8 CSRF / SSRF
Exploit Author : Etharus Vulnerability : Cross Site Request Forgery to Server Side Request Forgery Impact : internal ip disclosure , file extension bypass, internal port scan. Product Vendor : Nazakat Ali Version Tested : 1.8 Date : 14/07/2023 Fofa Dork :...
WinterCMS 1.2.2 Cross Site Scripting
Exploit Title: WinterCMS alertdocument.cookie; //P...
Pluck 4.7.18 Remote Code Execution
Exploit Title: Pluck v4.7.18 - Remote Code Execution RCE Application: pluck Version: 4.7.18 Bugs: RCE Technology: PHP Vendor URL: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Date of found: 10-07-2023 Author: Mirabbas Ağalarov Tested on: Linux import reques...
Cisco UCS-IMC Supervisor 2.2.0.0 Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Carlisting 1.6 Cross Site Scripting
Exploit Title: Carlisting 1.6 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/carlisting/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Th...
Finounce 1.0 Cross Site Scripting
Exploit Title: Finounce 1.0 - Stored XSS Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/finounce-an-advance-peer-to-peer-crypto-exchange-platform/20 Tested on: Windows 10 Pro Impact: Manipulate the...
RecipePoint 1.9 SQL Injection
Exploit Title: RecipePoint 1.9 - SQL Injection Exploit Author: CraCkEr Date: 15/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/recipepoint/ Tested on: Windows 10 Pro Impact: Database Access Description SQL injection attac...
Listplace Directory Listing Platform 3.0 Cross Site Scripting
Exploit Title: Listplace Directory Listing Platform 3.0 - Stored XSS Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/listplace-a-complete-directory-listing-platform/22 Tested on: Windows 10 Pro Impact...
EX-RATE 1.0 Cross Site Scripting
Exploit Title: EX-RATE 1.0 - Stored XSS Exploit Author: CraCkEr Date: 14/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/ex-rate-a-complete-money-exchange-solution/14 Tested on: Windows 10 Pro Impact: Manipulate the content of the si...
Insurance 1.2 Cross Site Scripting
Exploit Title: Insurance 1.2 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/insurance/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...
Ecommerce 1.15 Cross Site Scripting
Exploit Title: Ecommerce 1.15 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/ecommerce/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...
JobSeeker 1.5 Cross Site Scripting
Exploit Title: JobSeeker 1.5 - Reflected XSS Exploit Author: CraCkEr Date: 15/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/jobseeker/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...
Lawyer CMS 1.6 Cross Site Scripting
Exploit Title: Lawyer CMS 1.6 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/lawyer/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...
BloodBank 1.1 Cross Site Scripting
Exploit Title: BloodBank 1.1 - Reflected XSS Exploit Author: CraCkEr Date: 15/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/bloodbank/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...
MineStack 1.0 Cross Site Scripting
Exploit Title: MineStack 1.0 - Stored XSS Exploit Author: CraCkEr Date: 14/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/minestack-a-cloud-mining-platform/10 Tested on: Windows 10 Pro Impact: Manipulate the content of the site...
BM IT CMS 1.0 Insecure Settings
==================================================================================================================================== | Title : BM IT CMS v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...
Clarity PPM 14.3.0.298 Cross Site Scripting
================================================================================================================================== Title : Insufficient input validation , in CA PPM 14.3 allows remote attackers to execute stored cross-site scripting attacks. | Author : Kaizen | Tested on : windows...
Travelable 1.0 Cross Site Scripting
Exploit Title: Travelable 1.0 - Stored XSS Exploit Author: CraCkEr Date: 15/07/2023 Vendor: travelmate.com Vendor Homepage: https://www.codester.com/items/43963/travelable-trek-management-solution Software Link: https://travel.codeswithbipin.com/ Tested on: Windows 10 Pro Impact: Manipulate the...
Carlisting 1.6 SQL Injection
Exploit Title: Carlisting 1.6 - SQL Injection Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/carlisting/ Tested on: Windows 10 Pro Impact: Database Access Description SQL injection attacks...
ICOGenie 1.0 Cross Site Scripting
Exploit Title: ICOGenie 1.0 - Stored XSS Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/icogenie-advanced-token-offering-script/21 Tested on: Windows 10 Pro Impact: Manipulate the content of the site...
ProjeQtOr Project Management System 10.4.1 Cross Site Scripting
Exploit Title: ProjeQtOr Project Management System V10.4.1 - Multiple XSS Version: V10.4.1 Bugs: Multiple XSS Technology: PHP Vendor URL: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV10.4.1.zip/download Date of found: 09.07.2023 Author:...
SASS BILLER 1.0 Cross Site Scripting
Exploit Title: SASS BILLER 1.0 - Stored XSS Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/sass-biller-a-sass-based-invoicing-and-billing-platform/19 Tested on: Windows 10 Pro Impact: Manipulate the...
News Portal 4.0 SQL Injection
Exploit Title: News Portal v4.0 - SQL Injection Unauthorized Date: 09/07/2023 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://phpgurukul.com/news-portal-project-in-php-and-mysql/c Software Link:...
Buzzy News Viral Lists Polls And Videos 1.3.1 Insecure Settings
====================================================================================================================================== | Title : Buzzy - News Viral Lists Polls and Videos V 1.3.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
brsisCMS 1.0.2 SQL Injection
==================================================================================================================================== | Title : brsisCMS v1.0.2 sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...
BrightCube LMS 2.0.1 SQL Injection
==================================================================================================================================== | Title : BrightCube LMS v2.0.1 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.0.332-bi...
Brigadasoft CMS 2.1 SQL Injection
==================================================================================================================================== | Title : Brigadasoft CMS v2.1 Auth Bypass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit ...
Boomchat 3.0 Shell Upload
==================================================================================================================================== | Title : boomchat-v3.0 remote shell upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit ...
Bluelaat 1.0 Beta Insecure Direct Object Reference
==================================================================================================================================== | Title : Bluelat V0.1 beta Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
BWD Calendar Manager CMS 0.1.1 SQL Injection
==================================================================================================================================== | Title : bwd calender manager CMS v0.1.1 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Business Directory Store Finder Local 1.6.4 Information Disclosure
==================================================================================================================================== | Title : Business Directory Store Finder Local v1.6.4 information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...