21 matches found
eLection 2.0 SQL Injection
Title: eLection 2.0 - 'id' SQL Injection Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu 19/Kali Rolling The eLection Web...
eLection 2.0 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Title: eLection 2.0 - 'id' SQL Injection Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu...
CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)
CandidATS 2.1.0 - Cross-Site Request Forgery Add Admin Title: CandidATS 2.1.0 - Cross-Site Request Forgery Add Admin Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/auieo/profile/ Software Link: https://sourceforge.net/projects/candidats/files/Version 2.1.0...
eLection 2.0 - id SQL Injection
eLection 2.0 - id SQL Injection Title: eLection 2.0 - 'id' SQL Injection Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu 19/Ka...
eLection 2.0 - 'id' SQL Injection
Title: eLection 2.0 - 'id' SQL Injection Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu 19/Kali Rolling The eLection Web...
Ice HRM 26.2.0 - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: Ice HRM 26.2.0 - Cross-Site Request Forgery Add User Exploit Author: J3rryBl4nks Vendor Homepage: https://icehrm.com/ Software Link: https://sourceforge.net/projects/icehrm/Version 26.2.0 Tested on Windows 10/Kali Rolling The Ic...
SOPlanning 1.45 - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: SOPlanning 1.45 - Cross-Site Request Forgery Add User Exploit Author: J3rryBl4nks Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested o...
SOPlanning 1.45 SQL Injection
Exploit Title: SOPlanning 1.45 - 'users' SQL Injection Date: 2020-02-14 Exploit Author: J3rryBl4nks, Homebrewer Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested on Windows 10/Kali Rolling The SOPlannin...
phpMyChat Plus 1.98 - (pmc_username) SQL Injection Vulnerability
Exploit for php platform in category web applications Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1.98 Tested o...
phpMyChat Plus 1.98 - pmc_username SQL Injection
phpMyChat Plus 1.98 - pmcusername SQL Injection Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1....
phpMyChat Plus 1.98 - 'pmc_username' SQL Injection
Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1.98 Tested on Windows 10/Kali Rolling The phpMyCh...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin) Exploit
Exploit for php platform in category web applications Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link:...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
School ERP System 1.0 - Cross Site Request Forgery Add Admin Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link:...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link: https://sourceforge.net/projects/school-erp-ultimate/files/ Version ERP-Ultimate CVE:...
Cups Easy 1.0 Cross Site Request Forgery
Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Version: 1.0 Tested on Windows 10/Kali...
Node.js third-party modules: Server Side JavaScript Code Injection
I would like to report a Service Side JavaScript Code Injection in fastify. It allows an attacker that can control a single property name in the serialization schema to achieve Remote Command Execution in the context of the web server. Module module name: fastify version: 2.2.0 npm page:...
MSFvenom Payload Creator: MSFPC
MSFvenom Payload Creator MSFPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal well as to be be able to automate MSFPC itse...
Malicious Debian Package Generator: kimi
Malicious Debian Package generator Script to generate malicious debian packages debain trojans. Kimi is a script which generates Malicious debian package for metasploit which consists of bash file. the bash file is deployed into “/usr/local/bin/” directory. Backdoor gets executed just when victim...
kimi - Script To Generate Malicious Debian Packages (Debian Trojans)
Script to generate malicious debian packages debain trojans. Kimi is name inspired from "Kimimaro" one of my favriote charater from anime called "Naruto". Kimi is a script which generates Malicious debian package for metasploit which consists of bash file. the bash file is deployed into...
yawast - The YAWAST Antecedent Web Application Security Toolkit
YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information...