11 matches found
Quicklancer 1.0 SQL Injection
Exploit Title: Quicklancer v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/quicklancer-freelance-marketplace-php-script/39087135 Demo Site: https://quicklancer.bylancer.com Tested on: Kali Linux CVE: N/A Request POST /php/user-ajax.php...
Stackposts Social Marketing Tool v1.0 - SQL Injection Vulnerability
Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/stackposts-social-marketing-tool/21747459 Demo Site: https://demo.stackposts.com Tested on: Kali Linux CVE: N/A Request POST /spmo/auth/login HTTP/1.1...
CVE-2022-3141 Translatepress Multilinugal < 2.3.3 - Admin+ SQLi
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...
Translatepress Multilinugal < 2.3.3 - Admin+ SQLi
The plugin is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. PoC To exploit the vulnerability, someone must send a...
One Church Management System 1.0 SQL Injection Vulnerability
Exploit Title: One Church Management System 1.0 - attendancy.php search2 SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church...
Ticketly 1.0 - kind_id SQL Injection
Ticketly 1.0 - kindid SQL Injection Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...
Jelastic 5.4 - host SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Jelastic 5.4 - 'host' SQL injection Exploit Author: Procode701 Vendor Homepage: https://jelastic.com/ Software Link: https://jelastic.com/ Version: 5.4 Tested on: Kali Linux CVE : N/A POC: The application...
Listing Hub CMS 1.0 SQL Injection
Exploit Title: Listing Hub CMS 1.0 - Multiple SQL Injection Dork: N/A Date: 27.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://codecanyon.net/item/listing-hub-cms-directory-listings-theme/21361294 Version: 1.0 Category: Webapps Tested on: Kali linux Description : An...
Fancy Clone Script - search_browse_product SQL Injection
Fancy Clone Script - searchbrowseproduct SQL Injection Exploit Title: Fancy Clone Script - 'searchbrowseproduct' SQL Injection Date: 2018-01-31 Exploit Author: 8bitsec Vendor Homepage: https://pofitec.com/ Software Link: https://pofitec.com/fancy-clone-script.php Version: 1.0 Tested on: Kali Linu...
Advance Loan Management System - 'id' SQL Injection
Exploit Title: Advance Loan Management System - 'id' SQL Injection Date: 2018-01-31 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/advance-loan-management-system-with-savings-system-and-sms-notification/21283070 Version: 1.0 Tested on:...
Joomla! Component JO Facebook Gallery v4.5 - SQL Injection
Joomla! Component JO Facebook Gallery v4. 5 - SQL Injection index. php id parameter into the SQL statement exist GET the type of injection Injection point: http://localhost/PATH/index. php? option=comjofacebookgallery&view=category&id=SQL http://localhost/PATH/index. php?...