Student Result Management System 1.0 SQL Injection

Exploit Title: Student Result Management System 1.0 - 'class' SQL Injection Date: 09.09.2020 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage : https://projectworlds.in Software Page: https://projectworlds.in/free-projects/php-projects/student-result-management-system-project-in-php/...

CVE-2020-25362

The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

Sql injection

The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

CVE-2020-25362

The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

Gadget Works Online Ordering System 1.0 SQL Injection / Code Execution

Exploit Title: Gadget works online ordering system - Authentication Bypass SQLi Date: 03/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/13093/gadget-works-online-ordering-system-phpmysqli.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4...

Fast PHP Chat 1.3 SQL Injection

Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Date: 15/04/2021 Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows a...

Fast PHP Chat 1.3 - (my_item_search) SQL Injection Vulnerability

Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows an attacker to...

Local Services Search Engine Management System 1.0 SQL Injection

Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - Blind & Error based SQL injection Authenticated Date: 2021-03-02 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...

Online Catering Reservation System 1.0 SQL Injection

Exploit Title: Online Catering Reservation System - SQL Injection Authenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Software Link:...

Online Documents Sharing Platform 1.0 SQL Injection

Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection Date: 21.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://www.sourcecodester.com/php/14653/online-documents-sharing-platform-php-full-source-code.html Software Link:...

CVE-2020-36112

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database on which the web application...

Sql injection

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database on which the web application...

CVE-2020-36112

CVE-2020-36112 affects CSE Bookstore 1.0. The vulnerability is an SQL injection (time-based blind, boolean-based blind, and OR-based) in the pubid parameter of bookPerPub.php and cart.php, allowing an attacker to dump the entire database. Affected software: CSE Bookstore 1.0. Root cause: improper...

CSE Bookstore 1.0 SQL Injection

Exploit Title : CSE Bookstore 1.0 - Multiple SQL Injection Date : 2020-12-21 Author : Musyoka Ian Version : CSE Bookstore 1.0 Vendor Homepage: https://projectworlds.in/ Platform : PHP Tested on : Debian CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR...

Online Shopping Alphaware 1.0 - Error Based SQL injection

Title: Online Shopping Alphaware 1.0 - Error-Based SQL injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-20 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

WPJobBoard < 5.7.0 - Unauthenticated SQL Injection

An Unauthenticated SQL Injection vulnerability was discovered in the WPJobBoard plugin v5.6.4 for WordPress. Vulnerable parameters: type, category. $ :: Payloads Boolean-based blind: /advanced-search/?query=4325&location=4325&type=7 AND 2392=SELECT CASE WHEN 2392=2392 THEN 2392 ELSE SELECT 8365...

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

Online Shopping Alphaware 1.0 - &#039;id&#039; SQL Injection

Title: Online Shopping Alphaware 1.0 - 'id' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Complaint Management System 1.0 - (cid) SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

Complaint Management System 1.0 - &#039;cid&#039; SQL Injection

Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...