ProjeQtOr Project Management 9.1.4 Shell Upload

Exploit Title: ProjeQtOr Project Management 9.1.4 - Remote Code Execution Date: 29.05.2021 Exploit Author: Temel Demir Vendor Homepage: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV9.1.4.zip Version: v9.1.4 Tested on: Laragon @WIN10...

Codiad 2.8.4 Shell Upload

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 3 Date: 24.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://codiad.com/ Software Link: https://github.com/Codiad/Codiad/releases/tag/v.2.8.4 Version: 2.8.4 Tested on Xubuntu 20.04 CVE: CVE-2018-19423 '''...

WordPress SP Project & Document Manager plugin <= 4.21 - Authenticated Shell Upload vulnerability

Authenticated Shell Upload discovered by Viktor Markopoulos vict0ni in WordPress SP Project & Document Manager plugin versions = 4.21. Solution Update the WordPress SP Project & Document Manager plugin to the latest available version at least 4.22...

Design/Logic Flaw

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload permissions could...

Subrion CMS 4.2.1 Shell Upload

Exploit Title: File Upload Bypass to RCE Authenticated Google Dork: N/A Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE :...

ScadaBR 1.0 / 1.1CE Windows Shell Upload

!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Google Dork: N/A Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for...

ScadaBR 1.0 / 1.1CE Linux Shell Upload Exploit

!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Debian9,10Ubuntu16.04 CVE : CVE-2021-2682...

Customer Relationship Management (CRM) System 1.0 Shell Upload Vulnerability

Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

Customer Relationship Management (CRM) System 1.0 Shell Upload

Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)

Exploit Title: Human Resource Information System 0.1 - Remote Code Execution Unauthenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

Voting System 1.0 Shell Upload

Exploit Title: Voting System 1.0 - Remote Code Execution Unauthenticated Date: 07/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

Internship Portal Management System 1.0 Shell Upload

Exploit Title: Internship Portal Management System 1.0 - Remote Code Execution Via File Upload Unauthenticated Date: 2021-05-04 Exploit Author: argenestel Vendor Homepage: https://www.sourcecodester.com/php/11712/internship-portal-management-system.html Software Link:...

Online Reviewer System SQL Injection Vulnerability

Online Reviewer System is a software application. An online reviewer system. Online Reviewer System version 1.0 suffers from a SQL injection vulnerability that stems from an authentication bypass SQL injection vulnerability that could result in a reverse shell upload. No detailed vulnerability...

CVE-2021-27130

Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...

Sql injection

Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...

CVE-2021-27130

Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...

CVE-2021-27130

Online Reviewer System 1.0 is affected by a SQL injection vulnerability that stems from an authentication bypass, enabling an attacker to bypass login and potentially upload a reverse shell. The flaw is documented across multiple sources (Red Hat, CNVD/CNNVD, CVE records) as a SQL injection throu...

Online Reviewer System SQL注入漏洞

Online Reviewer System is a software application. An online reviewer system. Online Reviewer System version 1.0 suffers from a SQL injection vulnerability that stems from an authentication bypass SQL injection vulnerability that could result in a reverse shell upload. No detailed vulnerability...

Development Kamel KCFinder 1.7 Shell Upload

Exploit Title : Development Kamel - KCFinder Shell Upload Vulnerability + Date : 25/03/2021 + Exploit Author : RAYAN ALi + Home : http://kamel.tech/ + Discovered By : RAYAN + Vendor Homepage : http://kamel.tech/ + Exploit: + http://localhost/resources/admin/Editor/kcfinder/browse.php?type=files +...

Development Kamel KCFinder 1.7 Shell Upload Vulnerability

Exploit Title : Development Kamel - KCFinder Shell Upload Vulnerability + Date : 25/03/2021 + Exploit Author : RAYAN ALi + Home : http://kamel.tech/ + Discovered By : RAYAN + Vendor Homepage : http://kamel.tech/ + Exploit: + http://localhost/resources/admin/Editor/kcfinder/browse.php?type=files +...