Daily Expenses Management System 1.0 – ‘item’ SQL Injection
August 7th, 2020 📆 | 1610 Views ⚑
# Exploit Title: Daily Expenses Management System 1.0 - 'item' SQL Injection # Date: 2020-08-05 # Exploit Author: Edo Maland
Browsing the "php" Tag
Tagged with: daily • expenses • injection • Item • management • php • SQL • system • webapps
Victor CMS 1.0 – ‘Search’ SQL Injection
August 7th, 2020 📆 | 7022 Views ⚑
# Exploit Title: Victor CMS 1.0 - 'Search' SQL Injection # Date: 2020-08-04 # Exploit Author: Edo Maland # Vendor
Tagged with: cms • injection • php • search • SQL • victor • webapps
Daily Expenses Management System 1.0 – ‘username’ SQL Injection
August 6th, 2020 📆 | 2728 Views ⚑
*] *]# Exploit Title: Daily Expenses Management System 1.0 - 'username' SQL Injection # Exploit Author: Daniel Ortiz # Date:
Tagged with: daily • expenses • injection • management • php • SQL • system • username • webapps
Stock Management System 1.0 – Authentication Bypass
August 6th, 2020 📆 | 5066 Views ⚑
# Exploit Title: Stock Management System 1.0 - Authentication Bypass # Exploit Author: Adeeb Shah (@hyd3sec) # Date: August 1,
Tagged with: authentication • bypass • management • php • stock • system • webapps
LibreHealth 2.0.0 – Authenticated Remote Code Execution
August 1st, 2020 📆 | 4515 Views ⚑
# Exploit Title: LibreHealth 2.0.0 - Authenticated Remote Code Execution # Exploit Author: Bobby Cooke # Date: 2020-07-17 # Vendor
Tagged with: authenticated • code • execution • librehealth • php • remote • webapps
Online Shopping Alphaware 1.0 – Authentication Bypass
July 31st, 2020 📆 | 8054 Views ⚑
# Title: Online Shopping Alphaware 1.0 - Authentication Bypass # Exploit Author: Ahmed Abbas # Date: 2020-07-28 # Vendor Homepage:
Tagged with: alphaware • authentication • bypass • online • php • shopping • webapps
WordPress Plugin Maintenance Mode by SeedProd 5.1.1 – Persistent Cross-Site Scripting
July 30th, 2020 📆 | 1571 Views ⚑
# Exploit Title: WordPress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting # Date: 2020-06-22 # Vendor Homepage:
Tagged with: cross • CrossSite • CVE-2020-15038 • maintenance • Mode • persistent • php • plugin • scripting • seedprod • webapps • wordpress
eGroupWare 1.14 – ‘spellchecker.php’ Remote Command Execution
July 27th, 2020 📆 | 4721 Views ⚑
# Exploit Title: eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution # Date: 2020-07-27 # Exploit Author: Berk KIRAS # Vendor
Tagged with: command • egroupware • execution • php • remote • spellchecker • spellcheckerphp • webapps
GOautodial 4.0 – Persistent Cross-Site Scripting (Authenticated)
July 27th, 2020 📆 | 8095 Views ⚑
# Exploit Title: GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated) # Author: Balzabu # Discovery Date: 2020-07-23 # Vendor Homepage:
Tagged with: authenticated • cross • CrossSite • goautodial • persistent • php • scripting • webapps
Online Course Registration 1.0 – Unauthenticated Remote Code Execution
July 27th, 2020 📆 | 2275 Views ⚑
# Exploit Title: Online Course Registration 1.0 - Unauthenticated Remote Code Execution # Exploit Author: Bobby Cooke # Credit to
Tagged with: code • course • execution • online • php • registration • remote • unauthenticated • webapps
elaniin CMS – Authentication Bypass
July 27th, 2020 📆 | 5982 Views ⚑
# Exploit Title: elaniin CMS 1.0 - Authentication Bypass # Google Dork: N/A # Date: 2020-07-14 # Exploit Author: BKpatron
Tagged with: authentication • bypass • cms • elaniin • php • webapps
Koken CMS 0.22.24 – Arbitrary File Upload (Authenticated)
July 27th, 2020 📆 | 4197 Views ⚑
# Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated) # Date: 2020-07-15 # Exploit Author: v1n1v131r4 # Vendor
Tagged with: arbitrary • authenticated • cms • File • koken • php • upload • webapps
PandoraFMS 7.0 NG 746 – Persistent Cross-Site Scripting
July 27th, 2020 📆 | 3871 Views ⚑
# Exploit Title: PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting # Date: 2020-07-01 # Author: AppleBois # Version: 7xx
Tagged with: cross • CrossSite • CVE-2020-11749 • pandorafms • persistent • php • scripting • webapps
WordPress Plugin Email Subscribers & Newsletters 4.2.2 – ‘hash’ SQL Injection (Unauthenticated)
July 27th, 2020 📆 | 7428 Views ⚑
# Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated) # Google Dork: "Stable tag"
Tagged with: CVE-2019-20361 • email • hash • injection • newsletters • php • plugin • SQL • subscribers • unauthenticated • webapps • wordpress
Virtual Airlines Manager 2.6.2 – Persistent Cross-Site Scripting
July 27th, 2020 📆 | 6205 Views ⚑
# Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting # Google Dork: inurl:"/vam/index_vam_op.php" # Date: 2020-06-29 # Exploit
Tagged with: airlines • cross • CrossSite • manager • persistent • php • scripting • virtual • webapps
pfSense 2.4.4-p3 – Cross-Site Request Forgery
July 27th, 2020 📆 | 2549 Views ⚑
# Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery # Date: 2019-09-27 # Exploit Author: ghost_fh # Vendor Homepage: https://www.pfsense.org/
Tagged with: 244P3 • cross • CrossSite • CVE-2019-16667 • forgery • pfsense • php • request • webapps
Webtareas 2.1p – Arbitrary File Upload (Authenticated)
July 27th, 2020 📆 | 6713 Views ⚑
# Exploit Title: Webtareas 2.1p - Arbitrary File Upload (Authenticated) # Author: AppleBois # Date: 2020-07-10 # Exploit author :
Tagged with: 21p • arbitrary • authenticated • File • php • upload • webapps • webtareas
WordPress Plugin Email Subscribers & Newsletters 4.2.2 – Unauthenticated File Download
July 26th, 2020 📆 | 7755 Views ⚑
# Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download # Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt
Tagged with: CVE-2019-19985 • download • email • File • newsletters • php • plugin • subscribers • unauthenticated • webapps • wordpress
WordPress Theme NexosReal Estate 1.7 – ‘search_order’ SQL Injection
July 22nd, 2020 📆 | 8210 Views ⚑
*] *]# Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection # Google Dork: inurl:/wp-content/themes/nexos/ # Date: 2020-06-17
Tagged with: CVE-2020-15364CVE-2020-15363 • estate • injection • nexosreal • order • php • search • searchorder • SQL • theme • webapps • wordpress
CMSUno 1.6 – Cross-Site Request Forgery (Change Admin Password)
July 17th, 2020 📆 | 2054 Views ⚑
# Exploit Title: CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password) # Date: 2020-05-31 # Exploit Author: Noth #
Tagged with: admin • change • cmsuno • cross • CrossSite • CVE-2020-15600 • forgery • password • php • request • webapps
RiteCMS 2.2.1 – Remote Code Execution
July 17th, 2020 📆 | 5739 Views ⚑
# Exploit Title: RiteCMS 2.2.1 - Remote Code Execution # Date: 2020-07-03 # Exploit Author: Enes Özeser # Vendor Homepage:
Tagged with: code • execution • php • remote • ritecms • webapps
Infor Storefront B2B 1.0 – ‘usr_name’ SQL Injection
July 16th, 2020 📆 | 8339 Views ⚑
# Exploit Title: Infor Storefront B2B 1.0 - 'usr_name' SQL Injection # Google Dork: inurl:storefrontb2bweb # Date: 2020-06-27 # Exploit
Tagged with: B2B • infor • injection • php • SQL • storefront • usrname • webapps
Online Farm Management System 0.1.0 – Persistent Cross-Site Scripting
July 16th, 2020 📆 | 7260 Views ⚑
# Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting # Date: 2020-06-29 # Exploit Author: KeopssGroup0day,Inc #
Tagged with: cross • CrossSite • Farm • management • online • persistent • php • scripting • system • webapps
Web Based Online Hotel Booking System 0.1.0 – Authentication Bypass
July 16th, 2020 📆 | 7157 Views ⚑
# Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass # Date: 2020-07-03 # Exploit Author: KeopssGroup0day,Inc
Tagged with: authentication • based • booking • bypass • hotel • online • php • system • web • webapps
Popular
Red Hat Security Advisory 2020-3101-01 ≈ Packet Storm July 23, 2020 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256==================================================================== Red Hat Security AdvisorySynopsis: Important:…
The IT Investments Federal Technology Leaders See on… July 16, 2020 Training and Data Analytics Are Seen as Key to Cybersecurity…- Sifter 8.5_2 July 23, 2020 Sifter 8.5_2 Posted Jul 23, 2020 Authored by s1l3nt78 |…
- Red Hat Security Advisory 2020-3005-01 ≈ Packet Storm July 20, 2020 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256==================================================================== Red Hat Security AdvisorySynopsis: Important:…
Dr. Sills: How NFL is using innovative technology to … July 28, 2020 NFL Chief Medical Officer Dr. Allen Sills joins "Good Morning…
Garmin suffers massive technology outage in a… July 25, 2020 Garmin International continues to struggle with a major technological outage…
Hackers stole GitHub and GitLab OAuth tokens from… July 27, 2020 Image: Yancy Min Waydev, an analytics platform used by software…
Members
Comments