what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files

WeBid 1.1.1 Cross Site Scripting / LDAP Injection
Posted Jul 10, 2014
Authored by Govind Singh

WeBid version 1.1.1 suffers from cross site scripting and LDAP injection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8d105c182ef624aebd5f05c368cb97564d70f4933625cfef2c42cd9f068f3d2e

Related Files

Chrome WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList Use-After-Free
Posted Oct 19, 2020
Authored by Google Security Research, Glazvunov

Chrome suffers from a use-after-free vulnerability in WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList.

tags | exploit
advisories | CVE-2020-6550
SHA-256 | 8e21afeab54923d3de27189a323803a9161f7809d6877e69a623691087435de9
Hashicorp Vault AWS IAM Integration Authentication Bypass
Posted Oct 6, 2020
Authored by Google Security Research, Felix Wilhelm

HashiCorp Vault's AWS IAM authentication method can be bypassed by sending a serialized request to the STS AssumeRoleWithWebIdentity method as part of the authentication flow. The request triggers a JSON encoded response from the STS server, which can contain a fully-attacker controlled fake GetCallerIdentityResponse as part of its body. As the Vault response parser ignores non-xml content before and after the malicious response, this can be used to spoof arbitrary AWS identities and roles.

tags | exploit, arbitrary, spoof
advisories | CVE-2020-16250
SHA-256 | b13c4db73c9c1c434d36ca980312a9413268770cfb76417ed250b35bd357b407
WeBid 1.2.2 Cross Site Scripting
Posted Jan 31, 2019
Authored by Zekvan Arslan | Site netsparker.com

WeBid version 1.2.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 664795ab23255cbc8b85734dbf2e570c5d2010fe63665bf3278f21d340f67273
WeBid 1.1.2P2 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WeBid version 1.1.2P2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c445d18ff897468b32229c61b93169d17ee6ba88ec405da9f786b7a7906b6fd
WeBid 1.1.1 Unrestricted File Upload
Posted Feb 21, 2015
Authored by CWH Underground

WeBid version 1.1.1 suffers from an unrestricted file upload vulnerability.

tags | exploit, file upload
SHA-256 | 0a29501b52601df8e1a2c36d36023a6d23b42554cdc2393e27eeb09b58827dcd
Webid 1.0.6 File Disclosure / SQL Injection
Posted May 6, 2013
Authored by Ahmed Aboul-Ela

Webid version 1.0.6 suffers from local file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | 18d44295209f490ad81cc1f5e3e8e12c5e0835f2ffdca7b29f8ebc0733e53a86
Secunia Security Advisory 51797
Posted Jan 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in WeBid, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 43296ad207b7ef0d621b85a129de735634e6cd12979f3f8315e218b3f41ec772
WeBid 1.0.6 SQL Injection
Posted Jan 9, 2013
Authored by Life Wasted

WeBid version 1.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ef41b2d6bc97d34ca048f725d9b129c4675df101d0c695328fc8a1ead4856ed3
WeBid 1.0.5 Directory Traversal
Posted Nov 19, 2012
Authored by loneferret

WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 691fd6a645c981162b89806c3a38adbbac74928e9a8c6bdd1391a139433a93d9
WeBid 1.0.5 CSRF / Cross Site Scripting
Posted Nov 18, 2012
Authored by Ingress Security

Ingress Security researchers have found cross site request forgery and cross site scripting vulnerabilities in WeBid versions 1.0.5 and below.

tags | exploit, vulnerability, xss, csrf
SHA-256 | c1f896eea7c21f9264c91d05c357a72a7e8503da4782a9a2857721670657f5c7
WeBid 1.0.4 RFI / File Disclosure / SQL Injection
Posted Aug 17, 2012
Authored by dun

WeBid versions 1.0.4 and below suffer from local file disclosure, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion
SHA-256 | cadf34d43c06b4a8884f133bd4533936acc454d86939dd74decdbe83787a788e
WeBid converter.php Remote PHP Code Injection
Posted May 25, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | OSVDB-73609
SHA-256 | 80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05
Secunia Security Advisory 45058
Posted Jul 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in WeBid, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to disclose sensitive information, conduct SQL injection attacks, and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
SHA-256 | a7760aab0c05c80eeea41a1960ec6dff58743848c8f33ab36fecd3b936fbaffc
WeBid 1.0.2 Remote Code Execution
Posted Jul 4, 2011
Authored by EgiX

WeBid versions 1.0.2 and below remote code execution exploit that leverages converter.php.

tags | exploit, remote, php, code execution
SHA-256 | f2f3420a8b2872219d2626e048e0a240b6198bc3fedd919a8642e94486d2ee2f
WeBid 1.0.2 Cross Site Request Forgery
Posted Jun 18, 2011
Authored by KedAns-Dz

WeBid version 1.0.2 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 05b7ea39d283319d934b014dec9d61011e8ed16e7a7ca7a370459f06d5a073bc
WeBid 1.0.2 Cross Site Scripting / SQL Injection
Posted Jun 17, 2011
Authored by Saif El-Sherei

WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0bce39b5bffc7a4bc13046662ad8b39b8fab588076ace249f26f92528f70f715
Secunia Security Advisory 44987
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in WeBid, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | bdd2f56cb9aeb8e68e6746df120691212d1a55c0a437b2e3bf2d6e388f15a2bb
Secunia Security Advisory 42171
Posted Nov 10, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in WeBid, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | 8adb4ae12970a53edc651d12ba440c304cbfda53a587685f17c0a11bde11ee55
WeBid 0.8.5P1 Local File Inclusion
Posted Nov 9, 2010
Authored by AutoSec Tools

WeBid version 0.8.5P1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 5bc0d49ec850e74c752eee1d6ab9e07d79d914d2a7decdf09e963cddad3f65c3
WeBid 0.8.5P1 Cross Site Scripting
Posted Nov 9, 2010
Authored by AutoSec Tools

WeBid version 0.8.5P1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f0ff17211f2f42b8ea38d8389d38335766bf84651af3a0a89477ffa0754f600f
Web-Ideas Web Shop Standard SQL Injection
Posted Aug 31, 2010
Authored by Ariko-Security

Web-Ideas Web Shop Standard suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | a7651507829dd54dda9a367e89e65463d9f40142716e22b30a0fb2b5bb26f1ea
WeBid 0.7.3 RC9 File Upload
Posted Mar 26, 2009

WeBid version 0.7.3 RC9 suffers from a remote file upload vulnerability in upldgallery.php.

tags | exploit, remote, php, file upload
SHA-256 | 724b8054ac1686214a3888b7b44ef75017f91526d2630701cadc8a98b66e99b0
WeBid 0.7.3 Remote File Inclusion
Posted Mar 10, 2009
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

WeBid versions 0.7.3 RC9 and below suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | cc032baa87192c68451ce6313b9f796925f6d37b4d41bef2dba0784a80ffcb8a
webid-upload.txt
Posted Sep 3, 2008
Authored by Stack | Site v4-team.com

WeBid version 0.5.4 remote arbitrary file upload exploit.

tags | exploit, remote, arbitrary, file upload
SHA-256 | 871646d66ad7bd0893c2099a7e857ba2ded8afbe1b3dc78416c7516cf93d6ff5
webid054-sql.txt
Posted Sep 3, 2008
Authored by Stack | Site v4-team.com

WeBid version 0.5.4 suffers from a SQL injection vulnerability in item.php.

tags | exploit, php, sql injection
SHA-256 | 6165be8e00c16246af24b0f104501ff69a686d5548c025090f99e91f3830ac51
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close