April 9th, 2020 📆 | 3371 Views ⚑
# Title: Postauth SQL injection in NagiosXI 5.6.11 (param: orderby)# Date: 13.03.2020# Vendor: https://www.nagios.com/# Vulnerable software: https://www.nagios.com/downloads/nagios-xi/vmware/# Repo: https://github.com/c610/free/[email protected]:~$ cat
April 9th, 2020 📆 | 4104 Views ⚑
# Title: Postauth SQL injection in Centreon 19.11 (param: acl_res_name)# Date: 03.04.2020# Vendor: https://www.centreon.com/# Vulnerable software: https://download.centreon.com/index.php?product=19.10&action=ask&id=5074# Repo: https://github.com/c610/free/[email protected]:~$ cat
April 9th, 2020 📆 | 3103 Views ⚑
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.
April 7th, 2020 📆 | 2752 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRankinginclude Msf::Exploit::Remote::HttpClient def initialize(info = {})super(update_info(info,‘Name’
April 3rd, 2020 📆 | 7409 Views ⚑
SQLMAP – Automatic SQL Injection Tool 1.4.4 Posted Apr 3, 2020 Authored by Bernardo Damele | Site sqlmap.sourceforge.net sqlmap is
April 1st, 2020 📆 | 5630 Views ⚑
# Exploit Title: KandNconcepts Club CMS 1.x SQL Injection & XSS Vulnerability# Google Dork:intext:”K & N Concepts Ltd”# Date: 2020-03-31#
April 1st, 2020 📆 | 1794 Views ⚑
# Exploit Title: Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection # Date: 2020-03-30 # Exploit Author: Jacob Baines
April 1st, 2020 📆 | 3362 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include
April 1st, 2020 📆 | 3251 Views ⚑
# Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection # Date: 2020-03-30 # Exploit Author: Jacob Baines
March 31st, 2020 📆 | 7842 Views ⚑
# This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include
March 31st, 2020 📆 | 3663 Views ⚑
# Exploit Title: Grandstream UCM6200 Series CTI Interface – ‘user_password’ SQL Injection# Date: 2020-03-30# Exploit Author: Jacob Baines# Vendor Homepage:
March 31st, 2020 📆 | 3207 Views ⚑
# Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 – ‘user_password’ SQL Injection# Date: 2020-03-30# Exploit Author: Jacob Baines# Vendor Homepage:
March 30th, 2020 📆 | 3507 Views ⚑
# Exploit Title: DesignMasterEvents Conference management CMS SQL Injection Auth Bypass & XSS Vulnerability# Google Dork: intext:”by :Design Master Events”#
March 28th, 2020 📆 | 7797 Views ⚑
—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA512 Advisory ID: SYSS-2019-046Product: Micro Focus Vibe (formerly Novelle Vibe)Manufacturer: Micro Focus International plcAffected Version(s): 4.0.6Tested
March 28th, 2020 📆 | 1733 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStager def initialize(info
March 28th, 2020 📆 | 4904 Views ⚑
# Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability# Google Dork: intext:intext:” By WEB EXCELS “+inurl:”?Id=”# Date: 2020-03-27#
March 27th, 2020 📆 | 7767 Views ⚑
################################################################### # Exploit Title : WordPress StatTraq 1.3.0 SQL Injection# Author Discovered By ] : KingSkrupellos# Team : Cyberizm
March 27th, 2020 📆 | 4961 Views ⚑
# Exploit Title: Soluzione Globale Ecommerce cms v1 SQL Injection Vulnerability# Google Dork: intext:” Soluzione Globale s.r.l.s. ” +inurl:/.php?id=# Date:
March 26th, 2020 📆 | 3854 Views ⚑
# This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::Powershellinclude
March 26th, 2020 📆 | 7121 Views ⚑
HP ThinPro – Privileged command injection=============================================================================== Identifiers————————————————-* CVE-2019-18910 CVSSv3 score————————————————-7.6 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L) Vendor————————————————-HP – https://www.hp.com](https://www.hp.com) Product————————————————-Deliver secure desktop virtualization that’s as
March 26th, 2020 📆 | 2920 Views ⚑
HP ThinPro – Citrix command injection=============================================================================== Identifiers————————————————-* CVE-2019-18909 CVSSv3 score————————————————-6.1 (AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) Vendor————————————————-HP – https://www.hp.com](https://www.hp.com) Product————————————————-Deliver secure desktop virtualization that’s as
March 25th, 2020 📆 | 3026 Views ⚑
# Exploit Title: SialWeb CMS SQL Injection & XSS Vulnerability# Google Dork: intext:” By Sial Web” +inurl:/.php?id=# Date: 2020-03-22# Exploit
March 24th, 2020 📆 | 8586 Views ⚑
# Exploit Title: UCM6202 1.0.18.13 – Remote Command Injection# Date: 2020-03-23# Exploit Author: Jacob Baines# Vendor: http://www.grandstream.com# Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series#
March 24th, 2020 📆 | 4124 Views ⚑
# Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection # Date: 2020-03-23 # Exploit Author: Jacob Baines # Vendor: http://www.grandstream.com
Netlink GPON Router 1.0.11 – Remote Code Execution March 23, 2020 # Exploit Title: Netlink GPON Router 1.0.11 - Remote Code…
Liz Crokin Claims Celebrities Are Getting… March 18, 2020 Liz Crokin Claims Celebrities Are Getting Coronavirus From Tainted 'Adrenochrome…
Windows 10 Version 2004 Receives Build 19041.153 (KB4541738) March 13, 2020 Windows 10 Build 19041.153 is available for Windows Insiders in…
Voter records for the entire country of Georgia… March 30, 2020 Image via Mostafa Meraji Voter information for more than 4.9…
Slickwraps has been hacked, customer data is… March 22, 2020 Slickwraps is one of the most well-known sellers of vinyl…
Otterbein University under malware attack days after… March 12, 2020 Otterbein University under malware attack days after switching to online…
How to Secure Your Zoom Meetings from Zoom-Bombing Attacks March 31, 2020 Since countries have begun enforcing shelter-in-place and stay-at-home orders during the…
Comments