PHIMS - Hospital Management Information System - Password SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage: https://codecanyon.net/item/phims/14974225?srank=1566 Version: All version...

Joomla! Gallery WD 1.3.6 SQL Injection

Exploit Title: Joomla! Component Gallery WD 1.3.6 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-wd/ Software Download:...

EPIC MyChart - X-Path Injection

Exploit Title: Epic Systems Corporation MyChart X-Path Injection Google Dork: MyChart® licensed from Epic Systems Corporation Date: 8/19/16 Exploit Author: Shayan Sadigh http://threat.tevora.com/author/shayan/ Vendor Homepage: https://www.epic.com/software Software Link: N/A Version: N/A Tested o...

Joomla! Component Saxum Astro 4.0.14 - SQL Injection

Joomla! Component Saxum Astro 4.0.14 - SQL Injection Exploit Title: Joomla! Component Saxum Astro 4.0.14 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/living/astrology-a-horoscope/saxumastro/...

Paypal Clone Script 1.0.9 - id / acctype SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Paypal / Money Transfer Clone Script 1.0.9 - SQL Injection Dork: N/A Date: 2018-02-10 Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage: https://www.phpscriptsmall.com/product/paypal-money-transfer-clone/...

Joomla! Zh GoogleMap 8.4.0.0 SQL Injection

input name="id" value="-11 UNION ALL SELECT...

Joomla Zh BaiduMap 3.0.0.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications input name="id" value="-11 UNION ALL SELECT...

Joomla Zh GoogleMap 8.4.0.0 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications input name="id" value="-11 UNION ALL SELECT...

Joomla! Component JSP Tickets 1.1 - SQL Injection

Joomla! Component JSP Tickets 1.1 - SQL Injection Exploit Title: Joomla! Component JSP Tickets 1.1 - SQL Injection Dork: N/A Date: 04.02.2018 Vendor Homepage: http://joomlaserviceprovider.com/ Software Link:...

Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val,...

Professional Local Directory Script 1.0 - SQL Injection

Professional Local Directory Script 1.0 - SQL Injection Exploit Title: Professional Local Directory Script 1.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://www.eihitech.com/ Software Link: http://www.eihitech.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

Flexible Poll 1.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Flexible Poll 1.2 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://ddywpro.com/ Software Link: https://codecanyon.net/item/flexible-poll/4363114 Version: 1.2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...

Wchat 1.5 SQL Injection

Exploit Title: Wchat - Fully Responsive PHP AJAX Chat Script 1.5 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/wchat-fully-responsive-phpajax-chat/18047319 Version: 1.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

Professional Local Directory Script 1.0 SQL Injection

Exploit Title: Professional Local Directory Script 1.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://www.eihitech.com/ Software Link: http://www.eihitech.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5973 Exploit Author: Ihsan Sencan Author...

RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin)

RSVP Invitation Online 1.0 - Cross-Site Request Forgery Update Admin...

Zechat 1.5 - SQL Injection

Zechat 1.5 - SQL Injection Exploit Title: Facebook Style Php Ajax Chat - Zechat 1.5 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/facebook-style-php-ajax-chat-zechat/16491266 Version: 1.5 Category: Webapps Tested on:...

PHPFreeChat 1.7 - Denial of Service

PHPFreeChat 1.7 - Denial of Service Exploit Title: phpFreeChat 1.7 and earlier - Denial of Service Version: 1.7 and earlier Date: 21/01/2018 Vendor Homepage: http://www.phpfreechat.net Software Link: http://www.phpfreechat.net/download Exploit Author: A. Pakbaz CVE : CVE-2018-5954 1 $pid=pcntlfor...

Taxi Booking Script 1.0 Cross Site Scripting

Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...

FiberHome LM53Q1 - Multiple Vulnerabilities

FiberHome LM53Q1 - Multiple Vulnerabilities !/usr/bin/python /$$$$$$$$ /$$ /$$ /$$ /$$ /$$$$$$$ /$$ /$$$$$$$$ /$$ /$$ /$$ | $$/|/| $$ | $$ | $$ | $$ $$ | $$ | $$/ | $$ |/ | $$ | $$ /$$| $$$$$$$ /$$$$$$ /$$$$$$ | $$ | $$ /$$$$$$ /$$$$$$/$$$$ /$$$$$$ | $$ \ $$ /$$$$$$ /$$$$$$/$$$$ /$$$$$$ /$$$$$$...

GoodTravel Travel And Locations 1.0 Cross Site Scripting Vulnerability

GoodTravel Travel and Locations PHP script and mobile application version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: GoodTravel - Travel & Locations PHP Script & Mobile App - xss Google Dork: N/A Date: 2017/28/12 Exploit Author: ShanoWeb Author Mail :...