Browsing the "php" Tag

Exploit/Advisories

Klog Server 2.4.1 – Unauthenticated Command Injection (Metasploit)

January 25th, 2021 📆 | 2880 Views ⚑

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include

Tagged with: command • CVE-2020-35729 • injection • Klog • metasploit • php • server • unauthenticated • webapps

Exploit/Advisories

Library System 1.0 – ‘category’ SQL Injection

January 25th, 2021 📆 | 6262 Views ⚑

# Exploit Title: Library System 1.0 - 'category' SQL Injection # Exploit Author: Aitor Herrero # Date: 2021-01-22 # Vendor

Tagged with: category • injection • library • php • SQL • system • webapps

Exploit/Advisories

CASAP Automated Enrollment System 1.0 – ‘route’ Stored XSS

January 25th, 2021 📆 | 5186 Views ⚑

# Exploit Title: CASAP Automated Enrollment System 1.0 - 'route' Stored XSS # Exploit Author: Richard Jones # Date: 2021-01/23

Tagged with: automated • casap • enrollment • php • route • stored • system • webapps • XSS

Exploit/Advisories

CASAP Automated Enrollment System 1.0 – ‘First Name’ Stored XSS

January 25th, 2021 📆 | 5898 Views ⚑

# Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS # Exploit Author: Anita Gaud # Vendor

Tagged with: automated • casap • enrollment • first • php • stored • system • webapps • XSS

Exploit/Advisories

MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF

January 25th, 2021 📆 | 7287 Views ⚑

# Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF # Date: 1/21/2021 # Author: 0xB9 # Software

Tagged with: cross • CrossSite • CSRF • MyBB • php • plugin • scripting • timeline • webapps

Exploit/Advisories

Collabtive 3.1 – ‘address’ Persistent Cross-Site Scripting

January 25th, 2021 📆 | 4537 Views ⚑

# Exploit Title: Collabtive 3.1 - 'address' Persistent Cross-Site Scripting # Date: 2021-01-23 # Exploit Author: Deha Berkin Bir #

Tagged with: address • collabtive • cross • CrossSite • persistent • php • scripting • webapps

Exploit/Advisories

CASAP Automated Enrollment System 1.0 – Authentication Bypass

January 23rd, 2021 📆 | 4450 Views ⚑

# Exploit Title: CASAP Automated Enrollment System 1.0 - Authentication Bypass # Exploit Author: Himanshu Shukla # Date: 2021-01-21 #

Tagged with: authentication • automated • bypass • casap • enrollment • php • system • webapps

Exploit/Advisories

Library System 1.0 – Authentication Bypass Via SQL Injection

January 23rd, 2021 📆 | 7495 Views ⚑

# Exploit Title: Library System 1.0 - Authentication Bypass Via SQL Injection # Exploit Author: Himanshu Shukla # Date: 2021-01-21

Tagged with: authentication • bypass • injection • library • php • SQL • system • webapps

Exploit/Advisories

Voting System 1.0 – File Upload RCE (Authenticated Remote Code Execution)

January 21st, 2021 📆 | 4494 Views ⚑

# Exploit Title: Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution) # Date: 19/01/2021 # Exploit Author:

Tagged with: authenticated • code • execution • File • php • RCE • remote • system • upload • voting • webapps

Exploit/Advisories

WordPress Plugin Simple Job Board 2.9.3 – Authenticated File Read (Metasploit)

January 21st, 2021 📆 | 6441 Views ⚑

## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Auxiliary::Report include Msf::Exploit::Remote::HTTP::Wordpress

Tagged with: authenticated • board • CVE-2020-35749 • File • Job • metasploit • php • plugin • read • simple • webapps • wordpress

Exploit/Advisories

Apartment Visitors Management System 1.0 – ’email’ SQL Injection

January 21st, 2021 📆 | 7259 Views ⚑

# Exploit Title: Apartment Visitors Management System 1.0 - 'email' SQL Injection # Date: 20.01.2021 # Exploit Author: CANKAT ÇAKMAK

Tagged with: apartment • email • injection • management • php • SQL • system • visitors • webapps

Exploit/Advisories

Online Documents Sharing Platform 1.0 – ‘user’ SQL Injection

January 21st, 2021 📆 | 6644 Views ⚑

# Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection # Date: 21.01.2021 # Exploit Author: CANKAT ÇAKMAK

Tagged with: documents • injection • online • php • platform • sharing • SQL • user • webapps

Exploit/Advisories

Nagios XI 5.7.5 – Multiple Persistent Cross-Site Scripting

January 21st, 2021 📆 | 7449 Views ⚑

# Exploit Title: Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting # Date: 1-20-2021 # Exploit Author: Matthew Aberegg #

Tagged with: cross • CrossSite • multiple • nagios • persistent • php • scripting • webapps

Exploit/Advisories

osTicket 1.14.2 – SSRF – PHP webapps Exploit

January 19th, 2021 📆 | 1767 Views ⚑

# Exploit Title: osTicket 1.14.2 - SSRF # Date: 18-01-2021 # Exploit Author: Talat Mehmood # Vendor Homepage: https://osticket.com/ #

Tagged with: CVE-2020-24881 • exploit • osticket • php • SSRF • webapps

Exploit/Advisories

Life Insurance Management System 1.0 – File Upload RCE (Authenticated)

January 18th, 2021 📆 | 5485 Views ⚑

# Exploit Title: Life Insurance Management System 1.0 - File Upload RCE (Authenticated) # Date: 15/1/2021 # Exploit Author: Aitor

Tagged with: authenticated • File • insurance • life • management • php • RCE • system • upload • webapps

Exploit/Advisories

Life Insurance Management System 1.0 – ‘client_id’ SQL Injection

January 18th, 2021 📆 | 5333 Views ⚑

# Exploit Title: Life Insurance Management System 1.0 - 'client_id' SQL Injection # Date: 15/1/2021 # Exploit Author: Aitor Herrero

Tagged with: client • clientid • injection • insurance • life • management • php • SQL • system • webapps

Exploit/Advisories

Online Hotel Reservation System 1.0 – Admin Authentication Bypass

January 17th, 2021 📆 | 3163 Views ⚑

# Exploit Title: Online Hotel Reservation System 1.0 - Admin Authentication Bypass # Exploit Author: Richard Jones # Date: 2021-01-13

Tagged with: admin • authentication • bypass • hotel • online • php • reservation • system • webapps

Exploit/Advisories

Nagios XI 5.7.X – Remote Code Exection RCE (Authenticated)

January 17th, 2021 📆 | 8381 Views ⚑

# Exploit Title: Nagios XI 5.7.X - Remote Code Exection RCE (Authenticated) # Date: 19/12/2020 # Exploit Author: Haboob Team

Tagged with: 57x • authenticated • code • CVE-2020-35578 • exection • nagios • php • RCE • remote • webapps

Exploit/Advisories

Online Movie Streaming 1.0 – Admin Authentication Bypass

January 17th, 2021 📆 | 1955 Views ⚑

# Exploit Title: Online Movie Streaming 1.0 - Admin Authentication Bypass # Exploit Author: Richard Jones # Date: 2021-01-13 #

Tagged with: admin • authentication • bypass • movie • online • php • streaming • webapps

Exploit/Advisories

Laravel 8.4.2 debug mode – Remote code execution

January 17th, 2021 📆 | 4243 Views ⚑

# Exploit Title: Laravel 8.4.2 debug mode - Remote code execution # Date: 1.14.2021 # Exploit Author: SunCSR Team #

Tagged with: code • debug • execution • laravel • Mode • php • remote • webapps

12 3 ›»

January 2021
S	M	T	W	T	F	S
« Dec
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Browsing the "php" Tag

Tagged with: command • CVE-2020-35729 • injection • Klog • metasploit • php • server • unauthenticated • webapps

Tagged with: category • injection • library • php • SQL • system • webapps

Tagged with: automated • casap • enrollment • php • route • stored • system • webapps • XSS

Tagged with: automated • casap • enrollment • first • php • stored • system • webapps • XSS

Tagged with: cross • CrossSite • CSRF • MyBB • php • plugin • scripting • timeline • webapps

Tagged with: address • collabtive • cross • CrossSite • persistent • php • scripting • webapps

Tagged with: authentication • automated • bypass • casap • enrollment • php • system • webapps

Tagged with: authentication • bypass • injection • library • php • SQL • system • webapps

Tagged with: authenticated • code • execution • File • php • RCE • remote • system • upload • voting • webapps

Tagged with: authenticated • board • CVE-2020-35749 • File • Job • metasploit • php • plugin • read • simple • webapps • wordpress

Tagged with: apartment • email • injection • management • php • SQL • system • visitors • webapps

Tagged with: documents • injection • online • php • platform • sharing • SQL • user • webapps

Tagged with: cross • CrossSite • multiple • nagios • persistent • php • scripting • webapps

Tagged with: CVE-2020-24881 • exploit • osticket • php • SSRF • webapps

Tagged with: authenticated • File • insurance • life • management • php • RCE • system • upload • webapps

Tagged with: client • clientid • injection • insurance • life • management • php • SQL • system • webapps

Tagged with: admin • authentication • bypass • hotel • online • php • reservation • system • webapps

Tagged with: 57x • authenticated • code • CVE-2020-35578 • exection • nagios • php • RCE • remote • webapps

Tagged with: admin • authentication • bypass • movie • online • php • streaming • webapps

Tagged with: code • debug • execution • laravel • Mode • php • remote • webapps

Your Account

Email Subscription

Popular

Comments

Social Media

Now Trending Topics

Members

Tag Cloud

Categories