Impress CMS 1.4.0 Cross Site Scripting ≈ Packet Storm
July 11th, 2020 📆 | 4928 Views ⚑
Impress CMS 1.4.0 Cross Site Scripting Posted Jul 11, 2020 Authored by AppleBois Impress CMS version 1.4.0 suffers from a
Browsing the "cms" Tag
Tagged with: advisory • cms • cross • CSRF • exploit • impress • overflow • packet • scanner • scripting • security • Site • storm • vulnerability • whitepaper • XSS
Impress CMS 1.4.0 Code Execution / SQL Injection ≈ Packet Storm
July 10th, 2020 📆 | 2830 Views ⚑
#Author: AppleBois#Homepage: https://sourceforge.net/projects/impresscms/#Affected Version: 1.4.0#Remote Code Execution or Sql Injection#Authenticated user can make use of the AutoTask feature to execute
Tagged with: advisory • cms • code • CSRF • execution • exploit • impress • injection • overflow • packet • scanner • security • SQL • storm • vulnerability • whitepaper • XSS
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload ≈ Packet Storm
July 4th, 2020 📆 | 5773 Views ⚑
########################################################################### Bolt CMS < = 3.7.0 Multiple Vulnerabilities ########################################################################### Author – Sivanesh Ashok | @sivaneshashok | stazot.com Date : 2020-03-24Vendor
Tagged with: advisory • Bolt • cms • CSRF • exploit • overflow • packet • scanner • security • shell • storm • upload • vulnerability • whitepaper • XSS
EQDKP Plus CMS 2.3.29 Cross Site Scripting ≈ Packet Storm
July 3rd, 2020 📆 | 2588 Views ⚑
SEC Consult Vulnerability Lab Security Advisory < 20200701-0 >=======================================================================title: Reflected Cross-Site Scripting (XSS) Vulnerabilityproduct: EQDKP Plus CMSvulnerable version: < =
Tagged with: advisory • cms • cross • CSRF • eqdkp • exploit • overflow • packet • scanner • scripting • security • Site • storm • vulnerability • whitepaper • XSS
Victor CMS 1.0 – ‘user_firstname’ Persistent Cross-Site Scripting
June 30th, 2020 📆 | 6304 Views ⚑
# Exploit Title: Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting # Google Dork: N/A # Date: 2020-06-28 # Exploit
Tagged with: cms • cross • CrossSite • firstname • persistent • php • scripting • userfirstname • victor • webapps
Bolt CMS 3.7.0 Authenticated Remote Code Execution ≈ Packet Storm
June 29th, 2020 📆 | 2661 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::Remote::AutoCheck
Tagged with: advisory • authenticated • Bolt • cms • code • CSRF • execution • exploit • overflow • packet • remote • scanner • security • storm • vulnerability • whitepaper • XSS
Gila CMS 1.11.8 – ‘query’ SQL Injection
June 25th, 2020 📆 | 6144 Views ⚑
*] *]# Exploit Title: Gila CMS 1.11.8 - 'query' SQL Injection # Date: 2020-06-15 # Exploit Author: Carlos Ramírez L.
Tagged with: cms • CVE-2020-5515 • Gila • injection • php • query • SQL • webapps
Gila CMS 1.11.8 SQL Injection ≈ Packet Storm
June 22nd, 2020 📆 | 3124 Views ⚑
*]# Exploit Title: Gila CMS 1.11.8 – ‘query’ SQL Injection*]# Date: 2020-06-15*]# Exploit Author: Carlos Ramírez L. (BillyV4)*]# Vendor Homepage:
Tagged with: advisory • cms • CSRF • exploit • Gila • injection • overflow • packet • scanner • security • SQL • storm • vulnerability • whitepaper • XSS
Cayin CMS NTP Server 11.0 Remote Code Execution ≈ Packet Storm
June 21st, 2020 📆 | 7048 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::FileDropperinclude Msf::Exploit::CmdStager def
Tagged with: advisory • cayin • cms • code • CSRF • execution • exploit • NTP • overflow • packet • remote • scanner • security • server • storm • vulnerability • whitepaper • XSS
Gila CMS 1.1.18.1 SQL Injection / Shell Upload ≈ Packet Storm
June 21st, 2020 📆 | 6881 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require ‘msf/core’require “net/http”require “uri”require ‘nokogiri’ class MetasploitModule < Msf::ExploitRank = ExcellentRanking include
Tagged with: advisory • cms • CSRF • exploit • Gila • injection • overflow • packet • scanner • security • shell • SQL • storm • upload • vulnerability • whitepaper • XSS
Navigate CMS 2.8.7 – Authenticated Directory Traversal
June 6th, 2020 📆 | 3451 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal # Date: 2020-06-04 # Exploit Author: Gus Ralph # Vendor
Tagged with: authenticated • cms • directory • navigate • php • traversal • webapps
Navigate CMS 2.8.7 – Cross-Site Request Forgery (Add Admin)
June 6th, 2020 📆 | 2616 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin) # Date: 2020-06-04 # Exploit Author: Gus Ralph
Tagged with: Add • admin • cms • cross • CrossSite • forgery • navigate • php • request • webapps
Oriol Espinal CMS 1.0 – ‘id’ SQL Injection
June 6th, 2020 📆 | 1618 Views ⚑
# Exploit Title: Oriol Espinal CMS 1.0 - 'id' SQL Injection # Google Dork: inurl:/eotools_share/ # Date: 2020-06-03 # Exploit
Tagged with: cms • espinal • injection • oriol • php • SQL • webapps
Navigate CMS 2.8.7 SQL Injection ≈ Packet Storm
June 6th, 2020 📆 | 8250 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 – ”sidx’ SQL Injection (Authenticated)# Date: 2020-06-04# Exploit Author: Gus Ralph# Vendor Homepage: https://www.navigatecms.com/en/home#
Tagged with: advisory • cms • CSRF • exploit • injection • navigate • overflow • packet • scanner • security • SQL • storm • vulnerability • whitepaper • XSS
Oriol Espinal CMS 1.0 SQL Injection ≈ Packet Storm
June 5th, 2020 📆 | 4440 Views ⚑
# Exploit Title: Oriol Espinal CMS 1.0 – ‘id’ SQL Injection# Google Dork: inurl:/eotools_share/# Date: 2020-06-03# Exploit Author: TSAR# Vendor
Tagged with: advisory • cms • CSRF • espinal • exploit • injection • oriol • overflow • packet • scanner • security • SQL • storm • vulnerability • whitepaper • XSS
Navigate CMS 2.8.7 Directory Traversal ≈ Packet Storm
June 5th, 2020 📆 | 2200 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 – Authenticated Directory Traversal# Date: 2020-06-04# Exploit Author: Gus Ralph# Vendor Homepage: https://www.navigatecms.com/en/home# Software
Tagged with: advisory • cms • CSRF • directory • exploit • navigate • overflow • packet • scanner • security • storm • traversal • vulnerability • whitepaper • XSS
Navigate CMS 2.8.7 Cross Site Request Forgery ≈ Packet Storm
June 5th, 2020 📆 | 5920 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 – Cross-Site Request Forgery (Add Admin)# Date: 2020-06-04# Exploit Author: Gus Ralph# Vendor Homepage:
Tagged with: advisory • cms • cross • CSRF • exploit • forgery • navigate • overflow • packet • request • scanner • security • Site • storm • vulnerability • whitepaper • XSS
Navigate CMS 2.8.7 – ”sidx’ SQL Injection (Authenticated)
June 4th, 2020 📆 | 8109 Views ⚑
# Exploit Title: Navigate CMS 2.8.7 - ''sidx' SQL Injection (Authenticated) # Date: 2020-06-04 # Exploit Author: Gus Ralph #
Tagged with: authenticated • cms • injection • navigate • php • sidx • SQL • webapps
We-Com Municipality Portal CMS 2.1.x Cross Site Scripting / SQL Injection ≈ Packet Storm
June 2nd, 2020 📆 | 1629 Views ⚑
# Exploit Title: We-com Municipality portal CMS SQL Injection & XSS Vulnerability# Google Dork:N/A# Date: 2020-04-17# Exploit Author: @ThelastVvV# Vendor
Tagged with: 21x • advisory • cms • cross • CSRF • exploit • injection • municipality • overflow • packet • portal • scanner • scripting • security • Site • SQL • storm • vulnerability • WeCom • whitepaper • XSS
We-Com OpenData CMS 2.0 SQL Injection ≈ Packet Storm
June 2nd, 2020 📆 | 6697 Views ⚑
# Exploit Title: We-com OpenData CMS 2.0 Authentication Bypass / SQL Injection# Google Dork:N/A# Date: 2020-04-17# Exploit Author: @ThelastVvV# Vendor
Tagged with: advisory • cms • CSRF • exploit • injection • opendata • overflow • packet • scanner • security • SQL • storm • vulnerability • WeCom • whitepaper • XSS
Composr CMS 10.0.30 Cross Site Scripting ≈ Packet Storm
May 22nd, 2020 📆 | 2508 Views ⚑
# Title: Composr CMS 10.0.30 – Persistent Cross-Site Scripting# Author: Manuel Garcia Cardenas# Date: 2020-02-06# Vendor: https://compo.sr/# CVE: N/A =============================================MGC
Tagged with: advisory • cms • composr • cross • CSRF • exploit • overflow • packet • scanner • scripting • security • Site • storm • vulnerability • whitepaper • XSS
Victor CMS 1.0 – Authenticated Arbitrary File Upload
May 21st, 2020 📆 | 3161 Views ⚑
# Exploit Title: Victor CMS 1.0 - Authenticated Arbitrary File Upload # Google Dork: N/A # Date: 2020-05-19 # Exploit
Tagged with: arbitrary • authenticated • cms • File • php • upload • victor • webapps
Craft CMS 3 vCard 1.0.0 Remote Code Execution ≈ Packet Storm
May 21st, 2020 📆 | 3036 Views ⚑
# Exploit Title: CraftCMS 3 vCard Plugin 1.0.0 – Remote Code Execution# Date: 2020-05-18# Exploit Author: Wade Guest# Vendor Homepage:
Tagged with: advisory • cms • code • craft • CSRF • execution • exploit • overflow • packet • remote • scanner • security • storm • vcard • vulnerability • whitepaper • XSS
Victor CMS 1.0 Cross Site Scripting ≈ Packet Storm
May 20th, 2020 📆 | 5346 Views ⚑
# Exploit Title: Victor CMS 1.0 – ‘comment_author’ Persistent Cross-Site Scripting# Google Dork: N/A# Date: 2020-05-19# Exploit Author: Kishan Lal
Tagged with: advisory • cms • cross • CSRF • exploit • overflow • packet • scanner • scripting • security • Site • storm • victor • vulnerability • whitepaper • XSS
Popular
BlueLeaks: Data from 200 US police departments… June 22, 2020 Ron Jenkins, Getty Images An activist group has published on…
‘GoldenSpy’ Malware Hidden in Tax… June 24, 2020 Advanced persistent threat (APT) campaign aims to steal intelligence secrets…
How to Learn Cyber Security? What is Infosec | Learn… June 23, 2020 Hii Guys!! Second video in the series for learning cyber…
Encrypted Phone Network Says It’s Shutting… June 22, 2020 Someone in control of an email address long associated with…
Trend Micro Web Security (Virtual Appliance) Remote… June 23, 2020 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…
"Meltdown – Specter and other kernel side… June 21, 2020 These attacks shook the world. These are the deadliest attack…
Boston Approves Ban on Facial Recognition Technology… June 24, 2020 BOSTON - The Boston City Council voted unanimously Wednesday to…
Members
Comments