Phpscript-sgh 0.1.0 – Time Based Blind SQL Injection
December 4th, 2020 📆 | 2791 Views ⚑
# Exploit Title: Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection # Date: 2020-12-04 # Exploit Author: KeopssGroup0day,Inc # Vendor
Browsing the "multiple" Tag
Tagged with: based • blind • injection • multiple • phpscript • Phpscriptsgh • SQL • Time • webapps
WordPress Plugin Canto 1.3.0 – Blind SSRF (Unauthenticated)
December 4th, 2020 📆 | 8144 Views ⚑
# Exploit Title: WordPress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated) # Date: 03/12/2020 # Exploit Author: Pankaj Verma (_p4nk4j)
Tagged with: blind • canto • CVE-2020-28976CVE-2020-28977CVE-2020-28978 • multiple • plugin • SSRF • unauthenticated • webapps • wordpress
ILIAS Learning Management System 4.3 – SSRF
December 2nd, 2020 📆 | 5539 Views ⚑
# Exploit Title: ILIAS Learning Management System 4.3 - SSRF # Date: 10-08-2020 # Exploit Author: Dot/kx1z0 # Vendor Homepage:
Tagged with: ilias • learning • management • multiple • SSRF • system • webapps
Under Construction Page with CPanel 1.0 – SQL injection
December 2nd, 2020 📆 | 2214 Views ⚑
# Exploit Title: Under Construction Page with CPanel 1.0 - SQL injection # Date: 17-11-2020 # Exploit Author: Mayur Parmar(th3cyb3rc0p)
Tagged with: construction • cpanel • injection • multiple • Page • SQL • under • webapps
Expense Management System – ‘description’ Stored Cross Site Scripting
December 2nd, 2020 📆 | 7286 Views ⚑
# Exploit Title: Expense Management System - 'description' Stored Cross Site Scripting # Date: 02/12/2020 # Exploit Author: Nikhil Kumar
Tagged with: cross • description • expense • management • multiple • scripting • Site • stored • system • webapps
Student Result Management System 1.0 – Authentication Bypass SQL Injection
December 2nd, 2020 📆 | 3905 Views ⚑
# Exploit Title: Student Result Management System 1.0 - Authentication Bypass SQL Injection # Google Dork: N/A # Date: 11/16/2020
Tagged with: authentication • bypass • injection • management • multiple • result • SQL • student • system • webapps
Acronis Cyber Backup 12.5 Build 16341 – Unauthenticated SSRF
November 27th, 2020 📆 | 5422 Views ⚑
# Exploit Title: Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF # Date: 2020-07-30 # Author: Julien Ahrens #
Tagged with: 16341 • acronis • backup • build • CVE-2020-16171 • cyber • multiple • SSRF • unauthenticated • webapps
SAP Lumira 1.31 – Stored Cross-Site Scripting
November 27th, 2020 📆 | 6076 Views ⚑
# Exploit Title: SAP Lumira 1.31 - Stored Cross-Site Scripting # Date: 13.08.2020 # Exploit Author: Ilca Lucian Florin #
Tagged with: cross • CrossSite • local • lumira • multiple • SAP • scripting • stored
Pure-FTPd 1.0.48 – Remote Denial of Service
November 26th, 2020 📆 | 4165 Views ⚑
# Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service # Date: 2020. nov. 26., 09:32:17 CET # Exploit Author:
Tagged with: denial • DoS • multiple • PureFTPd • remote • service
Apache OpenMeetings 5.0.0 – ‘hostname’ Denial of Service
November 24th, 2020 📆 | 4073 Views ⚑
# Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service # Google Dork: "Apache OpenMeetings DOS" # Date: 2020-08-28
Tagged with: apache • CVE-2020-13951 • denial • hostname • multiple • openmeetings • service • webapps
nopCommerce Store 4.30 – ‘name’ Stored Cross-Site Scripting
November 24th, 2020 📆 | 7015 Views ⚑
# Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting # Date: 24-11-2020 # Exploit Author: Hemant Patidar (HemantSolo)
Tagged with: cross • CrossSite • multiple • nopcommerce • scripting • store • stored • webapps
LifeRay 7.2.1 GA2 – Stored XSS
November 23rd, 2020 📆 | 4864 Views ⚑
# Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS # Date: 10/05/2020 # Exploit Author: 3ndG4me # Vendor Homepage: https://www.liferay.com/
Tagged with: CVE-2020-7934 • GA2 • liferay • multiple • stored • webapps • XSS
Apache Struts 2.5.20 – Double OGNL evaluation
November 21st, 2020 📆 | 6738 Views ⚑
# Exploit Title: Apache Struts 2.5.20 - Double OGNL evaluation # Date: 08/18/2020 # Exploit Author: West Shepherd # Vendor
Tagged with: apache • CVE-2019-0230 • double • evaluation • multiple • ognl • remote • struts
Aerospike Database 5.1.0.3 – OS Command Execution
November 21st, 2020 📆 | 7780 Views ⚑
# Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution # Date: 2020-08-01 # Exploit Author: Matt S # Vendor
Tagged with: aerospike • command • CVE-2020-13151 • database • execution • multiple • remote
Free MP3 CD Ripper 2.8 – Multiple File Buffer Overflow (Metasploit)
November 20th, 2020 📆 | 4166 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include
Tagged with: buffer • File • free • local • metasploit • MP3 • multiple • overflow • ripper • windows
Nagios Log Server 2.1.7 – Persistent Cross-Site Scripting
November 20th, 2020 📆 | 5581 Views ⚑
# Exploit Title: Nagios Log Server 2.1.7 - 'snapshot_name' Persistent Cross-Site Scripting # Date: 31.08.2020 # Exploit Author: Emre ÖVÜNÇ
Tagged with: cross • CrossSite • Log • multiple • nagios • persistent • scripting • server • webapps
M/Monit 3.7.4 – Privilege Escalation
November 20th, 2020 📆 | 4369 Views ⚑
# Title: M/Monit 3.7.4 - Privilege Escalation # Author: Dolev Farhi # Date: 2020-07-09 # Vendor Homepage: https://mmonit.com/ # Version
Tagged with: escalation • MMonit • monit • multiple • privilege • webapps
TestBox CFML Test Framework 4.1.0 – Arbitrary File Write and Remote Code Execution
November 20th, 2020 📆 | 8045 Views ⚑
# Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution # Author: Darren King #
Tagged with: arbitrary • CFML • code • execution • File • framework • multiple • remote • Test • testbox • webapps • write
PESCMS TEAM 2.3.2 – Multiple Reflected XSS
November 19th, 2020 📆 | 3454 Views ⚑
# Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS # Date: 2020-11-18 # Exploit Author: icekam # Vendor Homepage:
Tagged with: CVE-2020-28092 • multiple • pescms • reflected • team • webapps • XSS
xuucms 3 – ‘keywords’ SQL Injection
November 19th, 2020 📆 | 7220 Views ⚑
# Exploit Title: xuucms 3 - 'keywords' SQL Injection # Date: 2020-11-18 # Exploit Author: icekam # Vendor Homepage: https://www.cxuu.top/
Tagged with: CVE-2020-28091 • injection • keywords • multiple • SQL • webapps • xuucms
M/Monit 3.7.4 – Password Disclosure
November 19th, 2020 📆 | 1628 Views ⚑
# Title: M/Monit 3.7.4 - Password Disclosure # Author: Dolev Farhi # Date: 2020-07-09 # Vendor Homepage: https://mmonit.com/ # Version
Tagged with: disclosure • MMonit • monit • multiple • password • webapps
TestBox CFML Test Framework 4.1.0 – Directory Traversal
November 19th, 2020 📆 | 2815 Views ⚑
# Title: TestBox CFML Test Framework 4.1.0 - Directory Traversal # Author: Darren King # Date: 2020-07-23 # Vendor Homepage:
Tagged with: CFML • directory • framework • multiple • Test • testbox • traversal • webapps
BigBlueButton 2.2.25 – Arbitrary File Disclosure and Server-Side Request Forgery
November 19th, 2020 📆 | 7484 Views ⚑
# Exploit Title: BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery # Date: 2020-09-11 # Exploit Author: RedTeam
Tagged with: arbitrary • bigbluebutton • CVE-2020-25820 • disclosure • File • forgery • multiple • request • server • ServerSide • webapps
Joplin 1.2.6 – ‘link’ Cross Site Scripting
November 14th, 2020 📆 | 1633 Views ⚑
# Exploit Title: Joplin 1.2.6 - 'link' Cross Site Scripting # Date: 2020-09-21 # Exploit Author: Philip Holbrook (@fhlipZero) #
Tagged with: cross • CVE-2020-28249 • joplin • link • multiple • scripting • Site • webapps
Popular
7 Things for CBAT Stock Investors to Know About the… November 13, 2020 © Source: Pavel Kapysh / Shutterstock.com A magnifying glass zooms…
Kali Linux 2020.4 released: New default shell, fresh… November 19, 2020 Offensive Security has released Kali Linux 2020.4, the latest version…
The malware that usually installs ransomware and you… November 20, 2020 Image: Lina White Gone are the days when ransomware groups…
Radiologists Name Nanox As a ‘Game… December 1, 2020 A recorded testimonial at the Nanox RSNA booth included support…
‘Sound beaming’ technology will play… November 13, 2020 New futuristic audio technology developed in Israel allows music to…
After Trump tweets Defcon hacking video, voting… November 17, 2020 Getty Images As President Trump continues to make unfounded claims…
iDS6 DSSPro Digital Signage System 6.2 –… November 7, 2020 # Exploit Title: iDS6 DSSPro Digital Signage System 6.2 -…
Members
Comments