444 matches found
delpino73 Blue-Smiley-Organizer 1.32 SQL Injection
Exploit Title: delpino73 Blue-Smiley-Organizer 1.32 - 'datetime' SQL Injection Date: 2019-10-28 Exploit Author: Cakes Vendor Homepage: https://github.com/delpino73/Blue-Smiley-Organizer Software Link: https://github.com/delpino73/Blue-Smiley-Organizer.git Version: 1.32 Tested on: CentOS7 CVE : N/...
delpino73 Blue-Smiley-Organizer 1.32 - (datetime) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: delpino73 Blue-Smiley-Organizer 1.32 - 'datetime' SQL Injection Exploit Author: Cakes Vendor Homepage: https://github.com/delpino73/Blue-Smiley-Organizer Software Link: https://github.com/delpino73/Blue-Smiley-Organizer.git...
waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - 'start' SQL Injection
Exploit Title: waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - 'start' SQL Injection Date: 2019-10-28 Exploit Author: Cakes Vendor Homepage: waldronmatt/FullCalendar-BS4-PHP-MySQL-JSON Software Link: https://github.com/waldronmatt/FullCalendar-BS4-PHP-MySQL-JSON.git Version: 1.21 Tested on:...
CVE-2019-17128
Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection Boolean Based Blind in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application...
CVE-2019-17128
CVE-2019-17128 affects Netreo OmniCenter up to version 12.1.1, where unauthenticated SQL Injection (Boolean Based Blind) is possible via redirect parameters and the login-page parameter name in a GET request. This allows reading sensitive data from the application’s database. The connected docume...
citecodecrashers Pic-A-Point 1.1 - (Consignment) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection Author: Cakes Vendor Homepage: https://github.com/citecodecrashers/Pic-A-Point Software Link: https://github.com/citecodecrashers/Pic-A-Point/archive/master.zip Test...
citecodecrashers Pic-A-Point 1.1 - Consignment SQL Injection
citecodecrashers Pic-A-Point 1.1 - Consignment SQL Injection Exploit Title: citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection Author: Cakes Discovery Date: 2019-09-26 Vendor Homepage: https://github.com/citecodecrashers/Pic-A-Point Software Link:...
citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection
Exploit Title: citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection Author: Cakes Discovery Date: 2019-09-26 Vendor Homepage: https://github.com/citecodecrashers/Pic-A-Point Software Link: https://github.com/citecodecrashers/Pic-A-Point/archive/master.zip Tested Version: 1.1 Tested on O...
citecodecrashers Pic-A-Point 1.1 SQL Injection
Exploit Title: citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection Author: Cakes Discovery Date: 2019-09-26 Vendor Homepage: https://github.com/citecodecrashers/Pic-A-Point Software Link: https://github.com/citecodecrashers/Pic-A-Point/archive/master.zip Tested Version: 1.1 Tested on O...
Hospital-Management 1.26 - 'fname' SQL Injection
Exploit Title: Hospital-Management 1.26 - 'fname' SQL Injection Author: Cakes Discovery Date: 2019-09-18 Vendor Homepage: https://github.com/Mugerwa-Joseph/hospital-management Software Link: https://github.com/Mugerwa-Joseph/hospital-management/archive/master.zip Tested Version: 1.26 Tested on OS...
Hospital-Management 1.26 SQL Injection
Exploit Title: Hospital-Management 1.26 - 'fname' SQL Injection Author: Cakes Discovery Date: 2019-09-18 Vendor Homepage: https://github.com/Mugerwa-Joseph/hospital-management Software Link: https://github.com/Mugerwa-Joseph/hospital-management/archive/master.zip Tested Version: 1.26 Tested on OS...
CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection
Exploit Title: CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection Author: Cakes Discovery Date: 2019-09-16 Vendor Homepage: https://github.com/SaloniKumari123/CollegeManagementSystem Software Link: https://github.com/SaloniKumari123/CollegeManagementSystem/archive/master.zip Tested Version:...
CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
YouPHPTube 7.2 - userCreate.json.php SQL Injection
YouPHPTube 7.2 - userCreate.json.php SQL Injection Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3...
WordPress JoomSport 3.3 SQL Injection
Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link: https://wordpress.org/plugins/joomsport-sports-league-results-management...
CVE-2019-1010034
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" defined at databasecode.php line 1018 is vulnerable to a boolean-based blind sql injection. This function call can be triggered by...
Sql injection
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" defined at databasecode.php line 1018 is vulnerable to a boolean-based blind sql injection. This function call can be triggered by...
CVE-2019-1010034
WebLibrarian plugin for WordPress (Deepwoods Software) versions 3.5.2 and earlier are affected by a SQL Injection in the AllBarCodes function (database_code.php:1018). The vulnerability can be triggered by any logged-in user with at least Volunteer role or manage_circulation capabilities, potenti...
CVE-2019-1010034
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" defined at databasecode.php line 1018 is vulnerable to a boolean-based blind sql injection. This function call can be triggered by...
Tradebox CryptoCurrency - 'symbol' SQL Injection
Title: Tradebox - CryptoCurrency Buy Sell and Trading Date: 04.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software description: Tradebox – CryptoCurrency Buy Sel...