Fast PHP Chat 1.3 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Fast PHP Chat 1.3 SQL Injection ≈ Packet Storm admin April 23, 2021 # Exploit Title: Fast PHP Chat 1.3 – ‘my_item_search’ SQL Injection# Date: 15/04/2021# Exploit Author: Fatih Coskun#...Read More
Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution ≈ Packet Storm 5 min read Exploit/Advisories Vulnerabilties Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution ≈ Packet Storm admin April 22, 2021 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require ‘metasploit/framework/hashes/identify’ class MetasploitModule < Msf::Exploit::RemoteRank = NormalRanking...Read More
Fast PHP Chat 1.3 – ‘my_item_search’ SQL Injection 2 min read Exploit/Advisories Vulnerabilties Fast PHP Chat 1.3 – ‘my_item_search’ SQL Injection admin April 21, 2021 # Exploit Title: Fast PHP Chat 1.3 - 'my_item_search' SQL Injection # Date: 15/04/2021 # Exploit Author:...Read More
Digital Crime Report Management System 1.0 SQL Injection ≈ Packet Storm 2 min read Exploit/Advisories Vulnerabilties Digital Crime Report Management System 1.0 SQL Injection ≈ Packet Storm admin April 16, 2021 # Exploit Title: Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass)# Date: 13 April...Read More
CITSmart ITSM 9.1.2.22 LDAP Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties CITSmart ITSM 9.1.2.22 LDAP Injection ≈ Packet Storm admin April 16, 2021 # Exploit Title: CITSmart ITSM 9.1.2.22 – LDAP Injection# Google Dork: “citsmart.local”# Date: 29/12/2020# Exploit Author: skysbsb#...Read More
CITSmart ITSM 9.1.2.27 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties CITSmart ITSM 9.1.2.27 SQL Injection ≈ Packet Storm admin April 16, 2021 # Exploit Title: CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)# Google Dork: “citsmart.local”# Date:...Read More
CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated) 1 min read Exploit/Advisories Vulnerabilties CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated) admin April 14, 2021 # Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated) # Google Dork: "citsmart.local"...Read More
CITSmart ITSM 9.1.2.22 – LDAP Injection 1 min read Exploit/Advisories Vulnerabilties CITSmart ITSM 9.1.2.22 – LDAP Injection admin April 14, 2021 # Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection # Google Dork: "citsmart.local" # Date: 29/12/2020 #...Read More
Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass) 2 min read Exploit/Advisories Vulnerabilties Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass) admin April 14, 2021 # Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass) # Date: 13...Read More
Simple Student Information System 1.0 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Simple Student Information System 1.0 SQL Injection ≈ Packet Storm admin April 13, 2021 # Exploit Title: Simple Student Information System 1.0 – SQL Injection (Authentication Bypass)# Date: 13 April 2021#...Read More
Blitar Tourism 1.0 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Blitar Tourism 1.0 SQL Injection ≈ Packet Storm admin April 13, 2021 # Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi# Date: 13 April 2021# Exploit Author: sigeri94#...Read More
Simple Student Information System 1.0 – SQL Injection (Authentication Bypass) 1 min read Exploit/Advisories Vulnerabilties Simple Student Information System 1.0 – SQL Injection (Authentication Bypass) admin April 13, 2021 # Exploit Title: Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) # Date: 13 April...Read More
PrestaShop 1.7.6.7 SQL Injection ≈ Packet Storm 5 min read Exploit/Advisories Vulnerabilties PrestaShop 1.7.6.7 SQL Injection ≈ Packet Storm admin April 9, 2021 # Exploit Title: PrestaShop 1.7.6.7 – ‘location’ Blind Sql Injection # Date: 2021-04-08# Exploit Author: Vanshal Gaur#...Read More
PrestaShop 1.7.6.7 – ‘location’ Blind Sql Injection 5 min read Exploit/Advisories Vulnerabilties PrestaShop 1.7.6.7 – ‘location’ Blind Sql Injection admin April 9, 2021 # Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection # Date: 2021-04-08 # Exploit Author: Vanshal...Read More
Simple Food Website 1.0 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Simple Food Website 1.0 SQL Injection ≈ Packet Storm admin April 6, 2021 # Exploit Title: Simple Food Website (CMS) | Admin Bypass (SQLi)# Exploit Author: Richard Jones# Date: 02-04-2021#...Read More
Basic Shopping Cart 1.0 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties Basic Shopping Cart 1.0 SQL Injection ≈ Packet Storm admin April 6, 2021 # Exploit Title: Basic Shopping Cart 1.0 – Authentication Bypass# Date: 2021-04-03# Exploit Author: Viren Saroha (illusion)#...Read More
OpenEMR 4.1.0 SQL Injection ≈ Packet Storm 1 min read Exploit/Advisories Vulnerabilties OpenEMR 4.1.0 SQL Injection ≈ Packet Storm admin April 6, 2021 # Exploit Title: OpenEMR 4.1.0 – ‘u’ SQL Injection# Date: 2021-04-03# Exploit Author: Michael Ikua# Vendor Homepage:...Read More
OpenEMR 4.1.0 – ‘u’ SQL Injection 2 min read Exploit/Advisories Vulnerabilties OpenEMR 4.1.0 – ‘u’ SQL Injection admin April 5, 2021 # Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection # Date: 2021-04-03 # Exploit Author: Michael Ikua...Read More
SQLMAP – Automatic SQL Injection Tool 1.5.4 1 min read Pentest Tools SQLMAP – Automatic SQL Injection Tool 1.5.4 admin April 2, 2021 SQLMAP – Automatic SQL Injection Tool 1.5.4 Posted Apr 2, 2021 Authored by Bernardo Damele | Site...Read More
Latrix 0.6.0 SQL Injection ≈ Packet Storm 2 min read Exploit/Advisories Vulnerabilties Latrix 0.6.0 SQL Injection ≈ Packet Storm admin April 2, 2021 # Exploit Title: Latrix 0.6.0 – ‘txtaccesscode’ SQL Injection# Date: 03/30/2021# Exploit Author: cptsticky# Vendor Homepage: https://sourceforge.net/projects/latrix#...Read More