SkyNet Tools

Joomla! Component EkRishta 2.10 – ‘cid’ SQL Injection

June 12, 2018 Admin

# # # # # Exploit Title: Joomla! Component Ek Rishta 2.10 – SQL Injection # Dork: N/A # Date: 08.06.2018 # Vendor Homepage: https://www.joomlaextensions.co.in/ # Software Link: https://extensions.joomla.org/extension/ek-rishta/ # Version: 2.10 # Tested on: […]

WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection

June 12, 2018 Admin

# Title: WordPress Plugin Pie Register < 3.0.9 – Blind SQL Injection # Author: Manuel García Cárdenas # Date: 2018-05-10 # Software: WordPress Plugin Pie Register 3.0.9 # CVE: CVE-2018-10969 # I. VULNERABILITY # WordPress […]

Schools Alert Management Script – SQL Injection

June 12, 2018 Admin

# Exploit Title: Schools Alert Management Script – SQL Injection # Date: 2018-06-07 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ # Category: Web Application # Exploit Author: M3@Pandas # Web: https://github.com/unh3x/just4cve/issues/2 # Tested on: […]

Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection

June 12, 2018 Admin

# Exploit Title: Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection # Date: 2018-06-11 # Exploit Author: L0RD # Software Link: https://extensions.joomla.org/extension/ek-rishta/ # Vendor Homepage: https://www.joomlaextensions.co.in/ # Version: 2.10 # Tested on: Win 10 # […]

Canon PrintMe EFI – Cross-Site Scripting

June 12, 2018 Admin

# Title: Canon PrintMe EFI – Cross-Site Scripting # Date: 9.6.2018-06-09 # Exploit Author: Huy Kha # Vendor Homepage: [https://www.efi.com/] # Version: Canon PrintMe EFI # Tested on: Mozilla FireFox # CVE: CVE-2018-12111 # XSS […]

SearchBlox 8.6.7 – XML External Entity Injection

June 4, 2018 Admin

# Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity (OOB-XXE) # Exploit Author: Ahmet GUREL, Canberk BOLAT # Software Link: https://www.searchblox.com/ # Version: < = SearchBlox Version 8.6.7 # Platform: Java # Tested on: Windows […]

CyberArk < 10 - Memory Disclosure

June 4, 2018 Admin

# Exploit Title: CyberArk < 10 – Memory Disclosure # Date: 2018-06-04 # Exploit Author: Thomas Zuk # Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ # Version: < 9.7 and < 10 # Tested on: Windows 2008, Windows 2012, […]

GreenCMS 2.3.0603 – Cross-Site Request Forgery / Remote Code Execution

June 4, 2018 Admin

# Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11670 An issue was discovered […]

GreenCMS 2.3.0603 – Cross-Site Request Forgery (Add Admin)

June 4, 2018 Admin

# Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability add admin # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11671 An issue was discovered […]

Smartshop 1 – Cross-Site Request Forgery

June 4, 2018 Admin

# Exploit Title: Smartshop 1 – Cross site request forgery # Date: 2018-06-02 # Exploit Author: L0RD or borna.nematzadeh123@gmail.com # Software Link: https://github.com/smakosh/Smartshop/archive/master.zip # Vendor Homepage: https://www.behance.net/gallery/49080415/Smartshop-Free-e-commerce-website # Version: 1 # Tested on: Kali linux […]