vimarsana.com
Home
Live Updates
Exploit Title - Breaking News
Pages:
10
11
12
13
14
15
16
Page 9 - Exploit Title News Today : Breaking News, Live Updates & Top Stories | Vimarsana
Academy LMS 6 0 Cross Site Scripting - KizzMyAnthia com
# Exploit Title: Academy LMS 6.0 - Reflected XSS# Exploit Author: CraCkEr# Date: 22/07/2023# Vendor: Creativeitem# Vendor Homepage: https://creativeitem.com/# Software Link: https://demo.creativeitem.com/academy/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site # CVE: CVE-2023-4119## GreetingsThe PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka CryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionThe attacker can
Software link
Exploit title
Exploit author
Vendor homepage
Bypass filter
PHPJabbers Bus Reservation System 1 1 SQL Injection
# Exploit Title: PHPJabbers Bus Reservation System 1.1 - SQL Injection# Exploit Author: CraCkEr# Date: 20/07/2023# Vendor: PHPJabbers# Vendor Homepage: https://www.phpjabbers.com/# Software Link: https://www.phpjabbers.com/bus-reservation-system/# Tested on: Windows 10 Pro# Impact: Database Access# CVE: CVE-2023-4111## GreetingsThe PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka CryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionSQL injection attacks can allow unauthorized
Software link
Exploit title
Bus reservation system
Exploit author
Vendor homepage
PHPJabbers Rental Property Booking 2 0 Cross Site Scripting
# Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS# Exploit Author: CraCkEr# Date: 22/07/2023# Vendor: PHPJabbers# Vendor Homepage: https://www.phpjabbers.com/# Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site# CVE: CVE-2023-4117## GreetingsThe PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka CryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionThe attacker
Software link
Exploit title
Rental property booking
Exploit author
Vendor homepage
WordPress Forminator 1 24 6 Shell Upload - KizzMyAnthia com
# Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution# Date: 2023-07-20# Exploit Author: Mehmet Kelepçe# Vendor Homepage: https://wpmudev.com/project/forminator-pro/# Software Link: https://wordpress.org/plugins/forminator/# Version: 1.24.6# Tested on: PHP - Mysql - Apache2 - Windows 11HTTP Request and vulnerable parameter: -POST /3/wordpress/wp-admin/admin-ajax.php HTTP/1.1Host: localhostContent-Length: 1756sec-ch-ua:Accept: / Content-Type: multipart/form-data;boundary= WebKitFormBoundaryTmsFfkbegmAjomneX-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML,
Software link
Exploit title
Wordpress plugin forminator
Unauthenticated remote command
Exploit author
Mehmet kelep
Vendor homepage
Webutler 3 2 Shell Upload - KizzMyAnthia com
Exploit Title: Webutler v3.2 - Remote Code Execution (RCE)Application: webutler CmsVersion: v3.2Bugs: RCETechnology: PHPVendor URL: https://webutler.de/enSoftware Link: http://webutler.de/download/webutler v3.2.zipDate of found: 03.08.2023Author: Mirabbas AğalarovTested on: Linux 2. Technical Details & POC========================================steps: 1. login to account as admin2. go to visit media 3.upload phar file4. upload poc.phar filepoc.phar file contents :5. Visit to poc.phar filepoc request:POST /webutler v3.2/admin/browser/index.php?upload=newfile&types=file&actualfolder=%2F&filename=poc.phar&overwrite=true
Software link
Exploit title
Remote code execution
vimarsana © 2020. All Rights Reserved.