Best pos Management System v1.0 - SQL Injection Vulnerability

Exploit Title: Best pos Management System v1.0 - SQL Injection Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link: https://www.sourcecodester.com/sites/default/files/download/mayurik/kruxton.zip Version:...

Human Resources Management System v1.0 - Multiple SQLi

Exploit Title: Human Resources Management System v1.0 - Multiple SQLi Date: 16/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.ht...

WordPress GigPress 2.3.8 SQL Injection Vulnerability

WordPress GigPress plugin version 2.3.8 suffers from a remote SQL injection vulnerability. Title: SQLi vulnerabilities in WordPress plugin "GigPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/gigpress/ Active installs: 20,000+...

Coremail官网SQL注入可读全库

简要描述： coremail官网存在注入，有防护，可绕过。 详细说明： 漏洞地址：http://www.coremail.cn/gjzc2/list117.aspx?lcid=412 漏洞证明： 有防护，直接用sqlmap加个tamper=chardoubleencode.py可以跑出来。 这个是sqlmap用的payload： Place: GET Parameter: lcid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: lcid=412 AND...