MyBB 1.8.6 – Cross-Site Scripting

Posted on Posted in Exploit

EDB-ID: 40749 Author: Curesec Research Team CVE: N/A Published: 2016-11-10 Type: webapps Platform: PHP E-DB Verified: Exploit: Download // View Raw Vulnerable App: Security Advisory – Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 01/29/2016 […]

vBulletin 4.2.3 – SQL Injection

Posted on Posted in Exploit

EDB-ID: 40751 Author: Manish Tanwar CVE: CVE-2016-6195 Published: 2015-08-25 Type: webapps Platform: PHP E-DB Verified: Exploit: Download // View Raw Vulnerable App: N/A ################################################################################################## #Exploit Title : vBulletin <= 4.2.3 SQL Injection (CVE-2016-6195) #Author : Manish Kishan Tanwar AKA error1046 (https://twitter.com/IndiShell1046) #Date : 25/08/2015 #Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi […]

Web2py 2.14.5 – Multiple Vulnerabilities

Posted on Posted in Exploit

EDB-ID: 39821 CVE: 2016-4806… OSVDB-ID: N/A EDB Verified: YES Author: Narendra Bhati Published: 2016-05-16 Download Exploit: Source Raw Download Vulnerable App: Download Title – Web2py 2.14.5 Multiple Vulnerabilities LFI,XSS,CSRF # Exploit Title : Web2py 2.14.5 Multiple Vulnerabilities LFI, XSS,CSRF # Reported Date : 2-April-2016 # Fixed Date : 4-April-2016 # Exploit Author : Narendra Bhati […]

CakePHP Framework 3.2.4 – IP Spoofing

Posted on Posted in Exploit

EDB-ID: 39813 CVE: 2016-4793 OSVDB-ID: N/A EDB Verified: NO Author: Dawid Golunski Published: 2016-05-16 Download Exploit: Source Raw Download Vulnerable App: Download ============================================= – Release date: 12.05.2016 – Discovered by: Dawid Golunski – Severity: Medium ============================================= I. VULNERABILITY ————————- CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability 3.1.11 2.8.1 2.7.10 2.6.12 II. BACKGROUND ————————- – CakePHP […]