exploit Archives — Page 8 of 11

Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection

June 12, 2018 Admin

# Exploit Title: Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection # Date: 2018-06-11 # Exploit Author: L0RD # Software Link: https://extensions.joomla.org/extension/ek-rishta/ # Vendor Homepage: https://www.joomlaextensions.co.in/ # Version: 2.10 # Tested on: Win 10 # […]

Canon PrintMe EFI – Cross-Site Scripting

June 12, 2018 Admin

# Title: Canon PrintMe EFI – Cross-Site Scripting # Date: 9.6.2018-06-09 # Exploit Author: Huy Kha # Vendor Homepage: [https://www.efi.com/] # Version: Canon PrintMe EFI # Tested on: Mozilla FireFox # CVE: CVE-2018-12111 # XSS […]

SearchBlox 8.6.7 – XML External Entity Injection

June 4, 2018 Admin

# Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity (OOB-XXE) # Exploit Author: Ahmet GUREL, Canberk BOLAT # Software Link: https://www.searchblox.com/ # Version: < = SearchBlox Version 8.6.7 # Platform: Java # Tested on: Windows […]

CyberArk < 10 - Memory Disclosure

June 4, 2018 Admin

# Exploit Title: CyberArk < 10 – Memory Disclosure # Date: 2018-06-04 # Exploit Author: Thomas Zuk # Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ # Version: < 9.7 and < 10 # Tested on: Windows 2008, Windows 2012, […]

GreenCMS 2.3.0603 – Cross-Site Request Forgery / Remote Code Execution

June 4, 2018 Admin

# Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11670 An issue was discovered […]

GreenCMS 2.3.0603 – Cross-Site Request Forgery (Add Admin)

June 4, 2018 Admin

# Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability add admin # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11671 An issue was discovered […]

Smartshop 1 – Cross-Site Request Forgery

June 4, 2018 Admin

# Exploit Title: Smartshop 1 – Cross site request forgery # Date: 2018-06-02 # Exploit Author: L0RD or borna.nematzadeh123@gmail.com # Software Link: https://github.com/smakosh/Smartshop/archive/master.zip # Vendor Homepage: https://www.behance.net/gallery/49080415/Smartshop-Free-e-commerce-website # Version: 1 # Tested on: Kali linux […]

Smartshop 1 – ‘id’ SQL Injection

June 4, 2018 Admin

# Exploit Title: Smartshop 1 – SQL Injection # Date: 2018-06-02 # Exploit Author: L0RD or borna.nematzadeh123@gmail.com # Software Link: https://github.com/smakosh/Smartshop/archive/master.zip # Vendor Homepage: https://www.behance.net/gallery/49080415/Smartshop-Free-e-commerce-website # Version: 1 # Tested on: Kali linux ================================================= # […]

Git < 2.17.1 - Remote Code Execution

June 2, 2018 Admin

# Exploit Title: Git (code execution) # Date: 2018-05-29 # Exploit Author: JameelNabbo # Website: jameelnabbo.com <http://jameelnabbo.com/> # Vendor Homepage: https://github.com/git/git <https://github.com/git/git> # CVE: CVE-2018-11235 #Version: <=2.17.1 # Tested on Kali Linux P0C: Create two […]

NUUO NVRmini2 / NVRsolo – Arbitrary File Upload

May 29, 2018 Admin

# Exploit Title: NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability # Google Dork: intitle:NUUO Network Video Recorder Login # Date: 2018-05-20 # Exploit Author: M3@Pandas # Vendor Homepage: http://www.nuuo.com # Software Link: N/A # […]