bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/41004.txt
Offensive Security 1b13c8a790 DB: 2017-01-11 
6 new exploits

DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH)

ClaSS 0.8.60 - (export.php ftype) Local File Inclusion
ClaSS 0.8.60 - 'export.php' Local File Inclusion

Miniweb 2.0 - SQL Injection (Authentication Bypass)
Miniweb 2.0 - Authentication Bypass
eDNews 2.0 - (lg) Local File Inclusion
eDContainer 2.22 - (lg) Local File Inclusion
eDNews 2.0 - Local File Inclusion
eDContainer 2.22 - Local File Inclusion
Ultimate PHP Board 2.2.1 - (log inj) Privilege Escalation
Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection
Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection
Ultimate PHP Board 2.2.1 - Privilege Escalation
Sepcity Shopping Mall - SQL Injection
Sepcity Lawyer Portal - SQL Injection
Sepcity Classified - 'classdis.asp ID' SQL Injection
FlexPHPDirectory 0.0.1 - (Authentication Bypass) SQL Injection
Flexphpsite 0.0.1 - (Authentication Bypass) SQL Injection
Flexphplink 0.0.x - (Authentication Bypass) SQL Injection
eDNews 2.0 - (eDNews_view.php newsid) SQL Injection
Sepcity Classified - 'ID' Parameter SQL Injection
FlexPHPDirectory 0.0.1 - Authentication Bypass
Flexphpsite 0.0.1 - Authentication Bypass
Flexphplink 0.0.x - Authentication Bypass
eDNews 2.0 - SQL Injection

PHPAlumni - 'Acomment.php id' SQL Injection
PHPAlumni - SQL Injection

Flexphpic 0.0.x - (Authentication Bypass) SQL Injection
Flexphpic 0.0.x - Authentication Bypass

Mole Group Vacation Estate Listing Script - (editid1) Blind SQL Injection
Mole Group Vacation Estate Listing Script - Blind SQL Injection

Friends in War Make or Break 1.3 - SQL Injection (Authentication Bypass)
Friends in War Make or Break 1.3 - Authentication Bypass
My Php Dating 2.0 - 'path' Parameter SQL Injection
My Php Dating 2.0 - 'id' Parameter SQL Injection
My PHP Dating 2.0 - 'path' Parameter SQL Injection
My PHP Dating 2.0 - 'id' Parameter SQL Injection
Friends in War Make or Break 1.7 - 'imgid' Parameter SQL Injection
Starting Page 1.3 - SQL Injection
Freepbx < 2.11.1.5 - Remote Code Execution
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)
2017-01-11 05:01:17 +00:00

22 lines
406 B
Text
Executable file
Raw Blame History

# Vulnerability: Starting Page- SQL Injection
# Date: 10.01.2017
# Vendor Homepage: http://software.friendsinwar.com/
# Tested on: win10
# Author: JaMbA
# Script link: http://software.friendsinwar.com/news.php?readmore=31
#########################
# SQL Injection/Exploit :
# Vulnerable Parametre : linkid
# http://localhost/[PATH]/outgoing.php?linkid=[SQL]
Tunisia 4 ever
Reference in a new issue View git blame Copy permalink