8b6bfd7f93
19 new exploits Cimetrics BACstac 6.2f - Privilege Escalation Cimetrics BACnet Explorer 4.0 - XML External Entity Injection SonicDICOM PACS 2.3.2 - Cross-Site Scripting SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery (Add Admin) SonicDICOM PACS 2.3.2 - Privilege Escalation Kodi 17.1 - Arbitrary File Disclosure WhizBiz 1.9 - SQL Injection TI Online Examination System 2.0 - SQL Injection Viavi Real Estate - SQL Injection Viavi Movie Review - 'id' Parameter SQL Injection Viavi Product Review - 'id' Parameter SQL Injection Quadz School Management System 3.1 - 'uisd' Parameter SQL Injection Domains & Hostings Manager PRO 3.0 - 'entries' Parameter SQL Injection Joomla! Component onisPetitions 2.5 - 'tag' Parameter SQL Injection Joomla! Component onisQuotes 2.5 - 'tag' Parameter SQL Injection Joomla! Component onisMusic 2 - 'tag' Parameter SQL Injection Joomla! Component Sponsor Wall 7.0 - 'wallid' Parameter SQL Injection Joomla! Component Vik Booking 1.7 - SQL Injection Joomla! Component Soccer Bet 4.1.5 - 'cat' Parameter SQL Injection
17 lines
No EOL
568 B
Text
Executable file
17 lines
No EOL
568 B
Text
Executable file
# # # # #
|
|
# Exploit Title: WhizBiz - Business Directory CMS v1.9 - SQL Injection
|
|
# Google Dork: N/A
|
|
# Date: 12.02.2017
|
|
# Vendor Homepage: http://webhelios.com/
|
|
# Software Buy: https://codecanyon.net/item/whizbiz-business-directory-cms/12931569
|
|
# Demo: http://whizbiz.webhelios.com/
|
|
# Version: N/A
|
|
# Tested on: Win7 x64, Kali Linux x64
|
|
# # # # #
|
|
# Exploit Author: Ihsan Sencan
|
|
# Author Web: http://ihsan.net
|
|
# Author Mail : ihsan[@]ihsan[.]net
|
|
# # # # #
|
|
# SQL Injection/Exploit :
|
|
# http://localhost/[PATH]/index.php/en/results/plainkey=[SQL]
|
|
# # # # # |