Результаты поиска

Music Gallery Site v1.0 - SQL Injection on music_list.php # Exploit Title: Music Gallery Site v1.0 - SQL Injection on music_list.php # Exploit Author: Muhammad Navaid Zafar Ansari # Date: 21 February 2023 ### CVE Assigned...

Music Gallery Site v1.0 - Broken Access Control # Exploit Title: Music Gallery Site v1.0 - Broken Access Control # Exploit Author: Muhammad Navaid Zafar Ansari # Date: 21 February 2023 ### CVE Assigned: **[CVE-2023-0963](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0963)**...

Music Gallery Site v1.0 - SQL Injection on page view_music_details.php # Exploit Title: Music Gallery Site v1.0 - SQL Injection on page view_music_details.php # Exploit Author: Muhammad Navaid Zafar Ansari # Date: 21 February 2023 ### CVE Assigned...

Best pos Management System v1.0 - Remote Code Execution (RCE) on File Upload # Exploit Title: Best pos Management System v1.0 - Remote Code Execution (RCE) on File Upload # Google Dork: NA # Date: 17/2/2023 # Exploit Author: Ahmed Ismail (@MrOz1l) # Vendor Homepage...

Auto Dealer Management System 1.0 - Broken Access Control Exploit # Exploit Title: Auto Dealer Management System 1.0 - Broken Access Control Exploit It leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account ### Date: > 18 February...

Auto Dealer Management System v1.0 - SQL Injection # Exploit Title: Auto Dealer Management System v1.0 - SQL Injection # Author Name: Muhammad Navaid Zafar Ansari ### Date: > 18 February 2023 ### CVE Assigned: **[CVE-2023-0912](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0912)**...

Answerdev 1.0.3 - Account Takeover # Exploit Title: Answerdev 1.0.3 - Account Takeover # Date: Reported on Jan 24th 2023 # Exploit Author: Eduardo Pérez-Malumbres Cervera @blueudp # Vendor Homepage: https://answer.dev/ # Software Link: https://github.com/answerdev/answer # Version: 1.0.3 #...

Art Gallery Management System Project in PHP v 1.0 - SQL injection # Exploit Title: Art Gallery Management System Project in PHP v 1.0 - SQL injection # Date: 31-01-2023 # Exploit Author: Yogesh Verma # Vendor Homepage: https://y0gesh-verma.github.io/ # Software Link...

Simple Task Managing System v1.0 - SQL Injection (Unauthenticated) # Exploit Title: Simple Task Managing System v1.0 - SQL Injection (Unauthenticated) # Date: 2022-01-09 # Exploit Author: Hamdi Sevben # Vendor Homepage...

Intern Record System v1.0 - SQL Injection (Unauthenticated) # Exploit Title: Intern Record System v1.0 - SQL Injection (Unauthenticated) # Date: 2022-06-09 # Exploit Author: Hamdi Sevben # Vendor Homepage: https://code-projects.org/intern-record-system-in-php-with-source-code/ # Software Link...

Art Gallery Management System Project v1.0 - SQL Injection (cid) Unauthenticated # Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection (cid) Unauthenticated # Date: 20/01/2023 # Exploit Author: Rahul Patwari # Vendor Homepage: https://phpgurukul.com/ # Software Link...

Art Gallery Management System Project v1.0 - SQL Injection (editid) authenticated # Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection (editid) authenticated # Date: 20/01/2023 # Exploit Author: Rahul Patwari # Vendor Homepage: https://phpgurukul.com/ # Software Link...

Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection #!/usr/bin/env python # Exploit Title: Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection # Exploit Author: r3nt0n # CVE: CVE-2023-23488 # Date: 2023/01/24 # Vulnerability discovered by...

Responsive FileManager 9.9.5 - Remote Code Execution (RCE) # Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution (RCE) # Date: 02-Feb-2023 # Exploit Author: Galoget Latorre (@galoget) # Vendor Homepage: https://responsivefilemanager.com # Software Link...

Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS) # Exploit Title: Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS) # Date: 20/01/2023 # Exploit Author: Rahul Patwari # Vendor Homepage: https://phpgurukul.com/ # Software Link...

GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2) # Exploit Title: GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2) # Original Exploit Author: Mehmet Ince # Vendor Homepage: https://getgrav.org # Version: 1.10.7 # Tested on: Debian 10 # Author: legend...

Rocket.Chat 3.12.1 - NoSQL Injection (Unauthenticated) # Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) # Author: enox # Date: 06-06-2021 # Product: Rocket.Chat # Vendor: https://rocket.chat/ # Vulnerable Version(s): Rocket.Chat 3.12.1 # CVE: CVE-2021-22911 # Credits...

ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution # Exploit Title: ManageEngine Exchange Reporter Plus <= 5310 Unauthenticated RCE # Date: 28-06-2018 # Software Link: https://www.manageengine.com/products/exchange-reports/ # Exploit Author: Kacper Szurek # Contact...

CMS Made Simple 2.2.5 - (Authenticated) Remote Code Execution # Exploit Title: CMS Made Simple 2.2.5 authenticated Remote Code Execution # Date: 3rd of July, 2018 # Exploit Author: Mustafa Hasan (@strukt93) # Vendor Homepage: http://www.cmsmadesimple.org/ # Software Link...

PHPFusion 9.03.50 - Remote Code Execution # Exploit Title: PHPFusion 9.03.50 - Remote Code Execution # Date: 20/05/2021 # Exploit Author: g0ldm45k # Vendor Homepage: https://www.php-fusion.co.uk/home.php # Software Link...