Online Hotel Reservation System 1.0 – Admin Authentication Bypass
January 17th, 2021 📆 | 3259 Views ⚑
# Exploit Title: Online Hotel Reservation System 1.0 - Admin Authentication Bypass # Exploit Author: Richard Jones # Date: 2021-01-13
Browsing the "webapps" Tag
Tagged with: admin • authentication • bypass • hotel • online • php • reservation • system • webapps
Nagios XI 5.7.X – Remote Code Exection RCE (Authenticated)
January 17th, 2021 📆 | 2026 Views ⚑
# Exploit Title: Nagios XI 5.7.X - Remote Code Exection RCE (Authenticated) # Date: 19/12/2020 # Exploit Author: Haboob Team
Tagged with: 57x • authenticated • code • CVE-2020-35578 • exection • nagios • php • RCE • remote • webapps
Online Movie Streaming 1.0 – Admin Authentication Bypass
January 17th, 2021 📆 | 6655 Views ⚑
# Exploit Title: Online Movie Streaming 1.0 - Admin Authentication Bypass # Exploit Author: Richard Jones # Date: 2021-01-13 #
Tagged with: admin • authentication • bypass • movie • online • php • streaming • webapps
Cisco RV110W 1.2.1.7 – ‘vpn_account’ Denial of Service (PoC)
January 17th, 2021 📆 | 3379 Views ⚑
# Exploit Title: Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC) # Date: 2021-01 # Exploit Author: Shizhi He
Tagged with: account • cisco • CVE-2021-1167 • denial • hardware • PoC • rv110w • service • vpnaccount • webapps
Laravel 8.4.2 debug mode – Remote code execution
January 17th, 2021 📆 | 1782 Views ⚑
# Exploit Title: Laravel 8.4.2 debug mode - Remote code execution # Date: 1.14.2021 # Exploit Author: SunCSR Team #
Tagged with: code • debug • execution • laravel • Mode • php • remote • webapps
Online Shopping Cart System 1.0 – ‘id’ SQL Injection
January 17th, 2021 📆 | 6478 Views ⚑
# Exploit Title: Online Shopping Cart System 1.0 - 'id' SQL Injection # Date: 14.1.2021 # Exploit Author: Aydın Baran
Tagged with: Cart • injection • online • php • shopping • SQL • system • webapps
Netsia SEBA+ 0.16.1 – Authentication Bypass and Add Root User (Metasploit)
January 17th, 2021 📆 | 6920 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient def initialize(info
Tagged with: Add • authentication • bypass • metasploit • multiple • netsia • root • SEBA • user • webapps
Alumni Management System 1.0 – “Last Name field in Registration page” Stored XSS
January 17th, 2021 📆 | 3383 Views ⚑
# Exploit Title: Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS # Exploit Author: Siva
Tagged with: alumni • field • management • Page • php • registration • stored • system • webapps • XSS
EyesOfNetwork 5.3 – File Upload Remote Code Execution
January 17th, 2021 📆 | 2754 Views ⚑
# Exploit Title: EyesOfNetwork 5.3 - File Upload Remote Code Execution # Date: 10/01/2021 # Exploit Author: Ariane.Blow # Vendor
Tagged with: code • execution • eyesofnetwork • File • multiple • remote • upload • webapps
Online Hotel Reservation System 1.0 – ‘person’ time-based SQL Injection
January 17th, 2021 📆 | 3625 Views ⚑
# Exploit Title: Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection # Exploit Author: Mesut Cetin # Date:
Tagged with: based • hotel • injection • online • person • php • reservation • SQL • system • TimeBased • webapps
Online Hotel Reservation System 1.0 – ‘id’ Time-based SQL Injection
January 16th, 2021 📆 | 5671 Views ⚑
# Exploit Title: Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection # Exploit Author: Mesut Cetin # Date:
Tagged with: based • hotel • injection • online • php • reservation • SQL • system • TimeBased • webapps
Online Hotel Reservation System 1.0 – Cross-site request forgery (CSRF)
January 16th, 2021 📆 | 2277 Views ⚑
# Exploit Title: Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF) # Exploit Author: Mesut Cetin # Date:
Tagged with: cross • CrossSite • CSRF • forgery • hotel • online • php • request • reservation • system • webapps
WordPress Plugin Easy Contact Form 1.1.7 – ‘Name’ Stored Cross-Site Scripting (XSS)
January 16th, 2021 📆 | 4223 Views ⚑
# Exploit Title: WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting (XSS) # Date: 14/01/2021 # Exploit
Tagged with: contact • cross • CrossSite • Easy • Form • php • plugin • scripting • stored • webapps • wordpress • XSS
Online Hotel Reservation System 1.0 – ‘description’ Stored Cross-site Scripting
January 16th, 2021 📆 | 4500 Views ⚑
# Exploit Title: Online Hotel Reservation System 1.0 - Stored Cross-site Scripting # Exploit Author: Mesut Cetin # Date: 2021-01-14
Tagged with: cross • CrossSite • description • hotel • online • php • reservation • scripting • stored • system • webapps
PHP-Fusion CMS 9.03.90 – Cross-Site Request Forgery (Delete admin shoutbox message)
January 16th, 2021 📆 | 4034 Views ⚑
# Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message) # Date: 2020-12-21 # Exploit Author:
Tagged with: admin • cms • cross • CrossSite • delete • forgery • fusion • message • php • PHPFusion • request • shoutbox • webapps
E-Learning System 1.0 – Authentication Bypass & RCE POC
January 16th, 2021 📆 | 7945 Views ⚑
*] *]# Exploit Title: E-Learning System 1.0 - Authentication Bypass & RCE # Exploit Author: Himanshu Shukla & Saurav Shukla
Tagged with: authentication • bypass • elearning • learning • php • PoC • RCE • system • webapps
SmartAgent 3.1.0 – Privilege Escalation
January 13th, 2021 📆 | 2595 Views ⚑
# Exploit Title: SmartAgent 3.1.0 - Privilege Escalation # Date: 01-11-2021 # Exploit Author: Orion Hridoy # Vendor Homepage: https://www.smartagent.io/
Tagged with: escalation • multiple • privilege • smartagent • webapps
Cemetry Mapping and Information System 1.0 – Multiple SQL Injections
January 13th, 2021 📆 | 4685 Views ⚑
# Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple SQL Injections # Exploit Author: Mesut Cetin # Date:
Tagged with: cemetry • information • injections • mapping • multiple • php • SQL • system • webapps
Gila CMS 2.0.0 – Remote Code Execution (Unauthenticated)
January 13th, 2021 📆 | 2768 Views ⚑
# Exploit Title: Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated) # Date: 1.12.2021 # Exploit Author: Enesdex # Vendor
Tagged with: cms • code • execution • Gila • php • remote • unauthenticated • webapps
Prestashop 1.7.7.0 – ‘id_product’ Time Based Blind SQL Injection
January 11th, 2021 📆 | 3805 Views ⚑
# Exploit Title: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection # Date: 08-01-2021 # Exploit Author: Jaimin Gondaliya
Tagged with: based • blind • idproduct • injection • php • prestashop • product • SQL • Time • webapps
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
GitLab 11.4.7 – Remote Code Execution (Authenticated) December 20, 2020 # Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…- Task Management System 1.0 –… December 20, 2020 # Exploit Title: Task Management System 1.0 - 'page' Local…
Members
Comments