Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass)
April 14th, 2021 📆 | 2799 Views ⚑
# Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass) # Date: 13 April 2021 #
Browsing the "php" Tag
Tagged with: authentication • bypass • crime • digital • injection • management • php • report • SQL • system • webapps
Simple Student Information System 1.0 – SQL Injection (Authentication Bypass)
April 13th, 2021 📆 | 2384 Views ⚑
# Exploit Title: Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) # Date: 13 April 2021 # Exploit
Tagged with: authentication • bypass • information • injection • php • simple • SQL • student • system • webapps
PrestaShop 1.7.6.7 – ‘location’ Blind Sql Injection
April 9th, 2021 📆 | 6441 Views ⚑
# Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection # Date: 2021-04-08 # Exploit Author: Vanshal Gaur # Vendor
Tagged with: blind • CVE-2020-15160 • injection • location • php • prestashop • SQL • webapps
Composr 10.0.36 – Remote Code Execution
April 8th, 2021 📆 | 5455 Views ⚑
# Exploit Title: Composr 10.0.36 - Remote Code Execution # Date: 04/06/2021 # Exploit Author: Orion Hridoy # Vendor Homepage:
Tagged with: code • composr • CVE-2021-30149 • execution • php • remote • webapps
CMSimple 5.2 – ‘External’ Stored XSS
April 8th, 2021 📆 | 5346 Views ⚑
# Exploit Title: CMSimple 5.2 - 'External' Stored XSS # Date: 2021/04/07 # Exploit Author: Quadron Research Lab # Version:
Tagged with: cmsimple • external • php • stored • webapps • XSS
Composr CMS 10.0.36 – Cross Site Scripting
April 7th, 2021 📆 | 8209 Views ⚑
# Exploit Title: Composr CMS 10.0.36 - Cross Site Scripting # Date: 04/06/2021 # Exploit Author: Orion Hridoy # Vendor
Tagged with: cms • composr • cross • CVE-2021-30150 • php • scripting • Site • webapps
OpenEMR 4.1.0 – ‘u’ SQL Injection
April 5th, 2021 📆 | 2457 Views ⚑
# Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection # Date: 2021-04-03 # Exploit Author: Michael Ikua # Vendor Homepage:
Tagged with: injection • openemr • php • SQL • webapps
Basic Shopping Cart 1.0 – Authentication Bypass
April 5th, 2021 📆 | 3563 Views ⚑
# Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren Saroha (illusion) #
Tagged with: authentication • basic • bypass • Cart • php • shopping • webapps
Simple Food Website 1.0 – Authentication Bypass
April 5th, 2021 📆 | 8149 Views ⚑
# Exploit Title: Simple Food Website 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren Saroha (illusion) #
Tagged with: authentication • bypass • food • php • simple • webapps • website
Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines
April 4th, 2021 📆 | 7736 Views ⚑
Here’s an overview of some of last week’s most interesting news and articles: Attackers tried to insert backdoor into PHP
Tagged with: attack • chain • CICD • common • hardening • php • pipelines • review • supply • traps • trust • Week
Zabbix 3.4.7 – Stored XSS
March 31st, 2021 📆 | 2497 Views ⚑
# Exploit Title: Zabbix 3.4.7 - Stored XSS # Date: 30-03-2021 # Exploit Author: Radmil Gazizov # Vendor Homepage: https://www.zabbix.com/
Tagged with: php • stored • webapps • XSS • zabbix
Hackers backdoor PHP source code after breaching internal git server
March 30th, 2021 📆 | 3081 Views ⚑
A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that
Tagged with: after • backdoor • breaching • code • Git • hackers • internal • php • server • source
GetSimple CMS 3.3.16 – Reflected XSS to RCE
March 30th, 2021 📆 | 6953 Views ⚑
# Exploit Title: GetSimple CMS 3.3.16 - Reflected XSS to RCE # Exploit Author: Bobby Cooke (boku) # Discovery Credits:
Tagged with: cms • CVE-2020-23839 • getsimple • php • RCE • reflected • webapps • XSS
Budget Management System 1.0 – ‘Budget title’ Stored XSS
March 29th, 2021 📆 | 5747 Views ⚑
# Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS # Exploit Author: Jitendra Kumar Tripathi # Vendor
Tagged with: budget • management • php • stored • system • title • webapps • XSS
Equipment Inventory System 1.0 – ‘multiple’ Stored XSS
March 29th, 2021 📆 | 4402 Views ⚑
# Exploit Title: Equipment Inventory System 1.0 - 'multiple' Stored XSS # Exploit Author: Jitendra Kumar Tripathi # Vendor Homepage:
Tagged with: equipment • inventory • multiple • php • stored • system • webapps • XSS
Concrete5 8.5.4 – ‘name’ Stored XSS
March 29th, 2021 📆 | 2663 Views ⚑
# Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS # Date: 2021-01 # Exploit Author: Quadron Research Lab # Version:
Tagged with: concrete5 • CVE-2021-3111 • php • stored • webapps • XSS
WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)
March 29th, 2021 📆 | 6208 Views ⚑
# Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated) # Google Dork: inurl:/wp-content/plugins/wp-super-cache/ # Date:
Tagged with: authenticated • cache • code • execution • php • plugin • remote • super • webapps • wordpress
Moodle 3.10.3 – ‘label’ Persistent Cross Site Scripting
March 27th, 2021 📆 | 5264 Views ⚑
# Exploit Title: Moodle 3.10.3 - 'label' Persistent Cross Site Scripting # Date: 25.03.2021 # Author: Vincent666 ibn Winnie #
Tagged with: cross • label • moodle • persistent • php • scripting • Site • webapps
Regis Inventory And Monitoring System 1.0 – ‘Item List’ Stored XSS
March 27th, 2021 📆 | 4532 Views ⚑
# Title: Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS # Exploit Author: George Tsimpidas # Date:
Tagged with: inventory • Item • list • monitoring • php • regis • stored • system • webapps • XSS
GetSimple CMS Custom JS Plugin 0.1 – CSRF to Persistent XSS
March 27th, 2021 📆 | 6872 Views ⚑
# Exploit Title: GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS # Exploit Author: Abhishek Joshi #
Tagged with: cms • CSRF • custom • getsimple • persistent • php • plugin • webapps • XSS
Popular
Microsoft Exchange ProxyLogon Remote Code Execution… March 24, 2021 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…- Microsoft Exchange 2019 SSRF / Arbitrary File Write… March 19, 2021 import requestsfrom urllib3.exceptions import InsecureRequestWarningimport randomimport stringimport sysdef id_generator(size=6, chars=string.ascii_lowercase…
Meet the 2021 SC Awards judges March 29, 2021 Each year, a select pool of experts from the cybersecurity…
Acer Reportedly Targeted by Ransomware Gang March 21, 2021 PC and Device Maker Appears to Have Been Targeted by…
“Expert” hackers used 11 0-days to infect Windows,… March 19, 2021 A team of advanced hackers exploited no fewer than 11…
RLX Technology Inc. to Report Fourth Quarter and… March 19, 2021 BEIJING, March 19, 2021 /PRNewswire/ --RLX Technology Inc. ("RLX" or…
Was My Facebook Hacked? How to See if Your Phone… April 5, 2021 Photo: Chip Somodevilla (Getty Images)Hacked data on over 553 million…
Members
Comments