Teachers Record Management System 2.1 SQL Injection Vulnerability

Exploit Title: Teachers Record Management System v2.1 | Authenticated Time-Based SQLi Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un Vendor: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ Demo Site: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=10739...

NEX-Forms < 7.9.7 - Authenticated SQLi

The plugin does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. The attack can be executed by anyone who is permitted to view the forms statistics chart, by default administrators, however can be configured otherwise via the plugin setting...

Wordpress RegistrationMagic task_ids Authenticated SQLi

RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected by an authenticated SQL injection via the taskids parameter. Module Options msf use auxiliary/scanner/http/wpregistrationmagicsqli msf auxiliarywpregistrationmagicsqli show actions ...actions... msf auxiliarywpregistrationmagicsq...

GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection

GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities

WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities Title: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/landing-pages/ Active installs: 20,000+...