Daily Expense Tracker 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Daily Expense Tracker 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Directory Management System (DMS) 1.0 SQL Injection Vulnerability

Directory Management System DMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...

Employee Record Management System 1.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Employee Record Management SystemERMS 1.1 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Daily Expense Tracker 1.0 SQL Injection

Exploit Title: Daily Expense Tracker 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/daily-expense-tracker-using-php-and-mysql/ Software Link:...

Teachers Record Management System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Client Management System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Client Management System 1.0 - 'searchdata' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Park Ticketing Management System 1.0 - 'viewid' SQL Injection

Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...

Park Ticketing Management System 1.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: Park Ticketing Management System 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Small CRM 2.0 SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: Small CRM in PHP - 'id' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/small-crm-php/ Software Link:...

User Registration And Login And User Management System 2.1 SQL Injection

Exploit Title: User Registration & Login and User Management System With admin panel - Authentication Bypass Date: 2020-07-04 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Responsive Online Blog 1.0 SQL Injection

Exploit Title: Responsive Online Blog 1.0 - 'single.php?id=' SQL Injection Date: 2020-07-03 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Online DJ Booking Management System Project Report 1.0 SQL Injection / Code Execution Vulnerabilitie

Exploit for php platform in category web applications Exploit Title: Online DJ Booking Management System Project Report - RCE Through SQLi Authenticated User - admin Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Engel & Völkers Technology GmbH: SQL Injection at /displayPDF.php (printshop.engelvoelkers.com)

Intro An SQL injection has been identified. Through this vulnerability an attacker could execute arbitrary SQL statements compromising the integrity of the database and obtain sensitive information, violating the confidentiality of the data. Given the great impact of the vulnerability and...