[Canvas] D2 Elliot 1.5, April 25 2016
DSquare Security
sales at d2sec.com
Tue Apr 26 17:49:15 EDT 2016
D2 Elliot has been updated with 27 new web exploits, including 7 0days.
Now you have more than 500 exploits available in D2 Elliot. Payloads and
workflows have been improved.
This release is focused on Joomla. So we added dedicated workflows for
plugins scanning, user guessing, login bruteforcing and backdooring. The
bonus is a 0day for Joomla 1.5.x perfectly working for the last release
1.5.26.
D2 Elliot Web Exploitation Framework is regularly updated with new exploits
and tools to keep a high level of efficiency. If you need customized exploits
or tools please contact us at info at d2sec.com
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
http://www.d2sec.com
Changelog:
0days - Added:
ZE-8 - eclime 1.1.3b LFI
ZE-9 - VBSEO 3.6.0 RCE
ZE-10 - appRain SQL Injection
ZE-11 - Livecart File Upload
ZE-12 - Bilboplanet SQL Injection
ZE-13 - Joomla! 1.5.26 SQL Injection
ZE-14 - OpenEMR 4.2.0 vitals/view.php SQL Injection
Exploits - Added:
E-495 - OpenMRS Reporting Module 0.9.7 RCE
E-496 - MyBB 1.8.2 RCE
E-497 - Symphony 2.6.3 SQL Injection
E-498 - Exponent 2.3.7 RCE
E-499 - Joomla Component com_realestate 3.7 SQL Injection
E-500 - Joomla Component com_pricelist 3.2.1 SQL Injection
E-501 - Joomla Component com_mydyngallery SQL Injection
E-502 - Joomla Component com_helpdeskpro SQL Injection
E-503 - Joomla Component com_jomestate 1.0 SQL Injection
E-504 - Joomla Component com_hikashop 2.3.2 RCE
E-505 - Joomla Component com_hikashop LFI
E-506 - WordPress Simple Ads Manager 2.9.4.116 SQL Injection
E-507 - phpMoAdmin RCE
E-508 - Joomla! Administrator File Upload [Templates]
E-509 - RCE Generic
E-510 - Joomla! Administrator File Upload [Templates]
E-511 - Joomla Component com_easy_youtube_gallery 1.0.2 SQL Injection
E-512 - Wordpress WP Symposium 15.1 SQL Injection
E-513 - Joomla! Administrator File Upload [Extensions]
E-514 - WordPress Advanced Video Embed File Disclosure
Payloads - Added:
P-71 - Python
Workflows - Added:
W-49 - Joomla module scanner
W-50 - Joomla bruteforcer
W-51 - MySQL Shell Write
More information about the Canvas
mailing list