Personnel Record Management System 1.0 SQL Injection Vulnerability

Exploit Title: Personnel Record Management System | Admin Bypass sqli Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/5107/record-management-system.html Software Link:...

School Registration And Fee System 1.0 Cross Site Scripting

Exploit Title: School Registration and Fee System | Multiple Stored Cross Site Scripting Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0...

Online News Portal 1.0 - (name) SQL Injection Vulnerability

Exploit Title: Online News Portal 1.0 - 'name' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

Online News Portal 1.0 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Online News Portal | Stored XSS + CSRF Example Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated) Exploit

Exploit Title: Monitoring System Dashboard 1.0 - File Upload RCE Authenticated Exploit Author: Richard Jones Date: 2021-03-11 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...

Online Voting System 1.0 Authorization Bypass

Exploit Title:Online Voting System | Authentication Bypass Password Change Exploit Author: Richard Jones Date: 2021-01-29 Vendor Homepage: https://www.sourcecodester.com/php/14690/online-voting-system-phpmysqli-full-source-code.html Software...

Responsive ELearning System 1.0 SQL Injection

Exploit Title: Responsive E-Learning System 1.0 – 'id' Sql Injection Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

PHP 7.2.x < 7.2.34 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...

UBUNTU-CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like Host confused with cookies that decode to such prefix, thus leading to an attacker being...