bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2023-05-10

Browse source 
2 changes to exploits/shellcodes/ghdb

Cmaps v8.0 - SQL injection

Online Pizza Ordering System v1.0 - Unauthenticated File Upload

Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)
This commit is contained in:
Exploit-DB 2023-05-10 00:16:24 +00:00
parent ab6317e664
commit 59207f4242
2 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
exploits/php/webapps/51422.txt
View file

@ -42,5 +42,4 @@ Special thanks goes out to iCaotix who greatly helped me in getting the environm
## Response from the server: ## Response from the server:
Look at the response time. Look at the response time.
<img src="Screenshot 2023-04-30 at 22.24.35.png" alt="Screenshot 2023-04-30 at 22.24.35" style="zoom:50%;" /> <img src="Screenshot 2023-04-30 at 22.24.35.png" alt="Screenshot 2023-04-30 at 22.24.35" style="zoom:50%;" />

6
files_exploits.csv
View file

@ -15726,7 +15726,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
41303,exploits/php/webapps/41303.txt,"CLUB-8 EMS - SQL Injection",2017-02-10,"Ihsan Sencan",webapps,php,,2017-02-10,2017-02-10,0,,,,,, 41303,exploits/php/webapps/41303.txt,"CLUB-8 EMS - SQL Injection",2017-02-10,"Ihsan Sencan",webapps,php,,2017-02-10,2017-02-10,0,,,,,,
38740,exploits/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",webapps,php,,2013-08-26,2015-11-17,1,CVE-2013-4727;OSVDB-96666,,,,,https://www.securityfocus.com/bid/62010/info 38740,exploits/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",webapps,php,,2013-08-26,2015-11-17,1,CVE-2013-4727;OSVDB-96666,,,,,https://www.securityfocus.com/bid/62010/info
2897,exploits/php/webapps/2897.txt,"CM68 News 12.02.06 - 'addpth' Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",webapps,php,,2006-12-07,,1,OSVDB-32142;CVE-2006-6544;OSVDB-32141;CVE-2006-6462,,,,, 2897,exploits/php/webapps/2897.txt,"CM68 News 12.02.06 - 'addpth' Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",webapps,php,,2006-12-07,,1,OSVDB-32142;CVE-2006-6544;OSVDB-32141;CVE-2006-6462,,,,,
51422,exploits/php/webapps/51422.txt,"Cmaps v8.0 - SQL injection",2023-05-05,"Lucas Noki (0xPrototype)",webapps,php,,2023-05-05,2023-05-05,0,CVE-2023-29809,,,,, 51422,exploits/php/webapps/51422.txt,"Cmaps v8.0 - SQL injection",2023-05-05,"Lucas Noki (0xPrototype)",webapps,php,,2023-05-05,2023-05-09,1,CVE-2023-29809,,,,,
6313,exploits/php/webapps/6313.txt,"CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory",2008-08-26,SirGod,webapps,php,,2008-08-25,2016-12-20,1,OSVDB-48103;CVE-2008-3926;OSVDB-48102;CVE-2008-3925;OSVDB-48101;CVE-2008-3924;OSVDB-48100;OSVDB-48099;CVE-2008-3923;OSVDB-48098,,,,, 6313,exploits/php/webapps/6313.txt,"CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory",2008-08-26,SirGod,webapps,php,,2008-08-25,2016-12-20,1,OSVDB-48103;CVE-2008-3926;OSVDB-48102;CVE-2008-3925;OSVDB-48101;CVE-2008-3924;OSVDB-48100;OSVDB-48099;CVE-2008-3923;OSVDB-48098,,,,,
5905,exploits/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting",2008-06-22,CraCkEr,webapps,php,,2008-06-21,2016-12-09,1,OSVDB-46868;CVE-2008-2985;OSVDB-46866;CVE-2008-2984,,,,http://www.exploit-db.comcmreams_1-3-1-1_beta-2.zip, 5905,exploits/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting",2008-06-22,CraCkEr,webapps,php,,2008-06-21,2016-12-09,1,OSVDB-46868;CVE-2008-2985;OSVDB-46866;CVE-2008-2984,,,,http://www.exploit-db.comcmreams_1-3-1-1_beta-2.zip,
12333,exploits/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,webapps,php,,2010-04-21,,0,CVE-2009-2439;OSVDB-55785,,,,, 12333,exploits/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,webapps,php,,2010-04-21,,0,CVE-2009-2439;OSVDB-55785,,,,,
@ -24680,7 +24680,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
49618,exploits/php/webapps/49618.txt,"Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)",2021-03-04,"Suraj Bhosale",webapps,php,,2021-03-04,2021-03-04,0,,,,,, 49618,exploits/php/webapps/49618.txt,"Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)",2021-03-04,"Suraj Bhosale",webapps,php,,2021-03-04,2021-03-04,0,,,,,,
8450,exploits/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,webapps,php,,2009-04-15,,1,OSVDB-53775,,,,, 8450,exploits/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,webapps,php,,2009-04-15,,1,OSVDB-53775,,,,,
32932,exploits/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Cross-Site Scripting",2009-04-20,Vrs-hCk,webapps,php,,2009-04-20,2014-04-18,1,CVE-2009-4934;OSVDB-53807,,,,,https://www.securityfocus.com/bid/34625/info 32932,exploits/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Cross-Site Scripting",2009-04-20,Vrs-hCk,webapps,php,,2009-04-20,2014-04-18,1,CVE-2009-4934;OSVDB-53807,,,,,https://www.securityfocus.com/bid/34625/info
51431,exploits/php/webapps/51431.py,"Online Pizza Ordering System v1.0 - Unauthenticated File Upload",2023-05-05,URGAN,webapps,php,,2023-05-05,2023-05-05,0,CVE-2023-2246,,,,, 51431,exploits/php/webapps/51431.py,"Online Pizza Ordering System v1.0 - Unauthenticated File Upload",2023-05-05,URGAN,webapps,php,,2023-05-05,2023-05-09,1,CVE-2023-2246,,,,,
48671,exploits/php/webapps/48671.txt,"Online Polling System 1.0 - Authentication Bypass",2020-07-15,AppleBois,webapps,php,,2020-07-15,2020-07-15,0,,,,,, 48671,exploits/php/webapps/48671.txt,"Online Polling System 1.0 - Authentication Bypass",2020-07-15,AppleBois,webapps,php,,2020-07-15,2020-07-15,0,,,,,,
50560,exploits/php/webapps/50560.txt,"Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass",2021-12-03,"Mohamed habib Smidi",webapps,php,,2021-12-03,2021-12-16,0,CVE-2021-44655,,,,, 50560,exploits/php/webapps/50560.txt,"Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass",2021-12-03,"Mohamed habib Smidi",webapps,php,,2021-12-03,2021-12-16,0,CVE-2021-44655,,,,,
42640,exploits/php/webapps/42640.txt,"Online Print Business 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",webapps,php,,2017-09-10,2017-09-10,0,,,,,, 42640,exploits/php/webapps/42640.txt,"Online Print Business 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",webapps,php,,2017-09-10,2017-09-10,0,,,,,,
@ -31043,7 +31043,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
48244,exploits/php/webapps/48244.txt,"UliCMS 2020.1 - Persistent Cross-Site Scripting",2020-03-24,SunCSR,webapps,php,,2020-03-24,2020-05-11,0,CVE-2020-12704,,,,, 48244,exploits/php/webapps/48244.txt,"UliCMS 2020.1 - Persistent Cross-Site Scripting",2020-03-24,SunCSR,webapps,php,,2020-03-24,2020-05-11,0,CVE-2020-12704,,,,,
39413,exploits/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",webapps,php,80,2016-02-04,2016-02-04,1,,,,,http://www.exploit-db.comulicms-9.8.1-snowfall-full.zip, 39413,exploits/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",webapps,php,80,2016-02-04,2016-02-04,1,,,,,http://www.exploit-db.comulicms-9.8.1-snowfall-full.zip,
51434,exploits/php/webapps/51434.txt,"Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)",2023-05-05,"Mirabbas Ağalarov",webapps,php,,2023-05-05,2023-05-05,0,,,,,, 51434,exploits/php/webapps/51434.txt,"Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)",2023-05-05,"Mirabbas Ağalarov",webapps,php,,2023-05-05,2023-05-05,0,,,,,,
51435,exploits/php/webapps/51435.txt,"Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)",2023-05-05,"Mirabbas Ağalarov",webapps,php,,2023-05-05,2023-05-05,0,,,,,, 51435,exploits/php/webapps/51435.txt,"Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)",2023-05-05,"Mirabbas Ağalarov",webapps,php,,2023-05-05,2023-05-09,1,,,,,,
11048,exploits/php/webapps/11048.txt,"Ulisse's Scripts 2.6.1 - 'ladder.php' SQL Injection",2010-01-07,Sora,webapps,php,,2010-01-06,,1,,,,,, 11048,exploits/php/webapps/11048.txt,"Ulisse's Scripts 2.6.1 - 'ladder.php' SQL Injection",2010-01-07,Sora,webapps,php,,2010-01-06,,1,,,,,,
11385,exploits/php/webapps/11385.txt,"ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting",2010-02-10,"Sioma Labs",webapps,php,,2010-02-09,,1,,,,,, 11385,exploits/php/webapps/11385.txt,"ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting",2010-02-10,"Sioma Labs",webapps,php,,2010-02-09,,1,,,,,,
34888,exploits/php/webapps/34888.txt,"UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting",2009-08-19,Moudi,webapps,php,,2009-08-19,2016-10-10,1,CVE-2009-3202;OSVDB-57176,,,,,https://www.securityfocus.com/bid/44273/info 34888,exploits/php/webapps/34888.txt,"UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting",2009-08-19,Moudi,webapps,php,,2009-08-19,2016-10-10,1,CVE-2009-3202;OSVDB-57176,,,,,https://www.securityfocus.com/bid/44273/info

Can't render this file because it is too large.