37 matches found
CVE-2021-46451
An SQL Injection vulnerability exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the loadfile function...
Computer And Mobile Repair Shop Management 1.0 SQL Injection
Title: Computer and Mobile Repair Shop Management-1.0 SQL - Injections Author: nu11secur1ty Date: 12.28.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15108/computer-and-mobile-repair-shop-management-system-using-phpoop-free-source-code.html...
Computer And Mobile Repair Shop Management 1.0 SQL Injection Vulnerability
Title: Computer and Mobile Repair Shop Management-1.0 SQL - Injections Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15108/computer-and-mobile-repair-shop-management-system-using-phpoop-free-source-code.html Description: The...
CVE-2021-45255
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with that domain,...
Sql injection
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with that domain,...
CVE-2021-45253
The id parameter in viewstorage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted...
Video Sharing Website 1.0 SQL Injection
Title: Video Sharing Website 1.0 SQL - Injection Author: nu11secur1ty Date: 12.18.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14584/video-sharing-website-using-phpmysqli-source-code.html Description: The email parameter from ajax.php app o...
FaScript FaPersianHack 1.0 - (show.php) SQL Injection Vulnerability
No description provided by source. FaScript FaPersianHack v1 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://fascript.com/fapersianhack.zip Injection Address : http://Sitename/ph/show.php?id=SqL Code Help : In This Script Admin Username and Password Save in...
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
No description provided by source. #!/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the url parameter of top.php. Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting a cookie grabber will allow for the hijacking of the user...
Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting Blind SQL Injection
Alienvault Open Source SIEM OSSIM 3.1 - Reflected Cross-Site Scripting Blind SQL Injection #!/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the "url" parameter of "top.php". Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting an...
Links Directory 1.1 (cat_id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Links Directory 1.1 catid Remote SQL Injection Vulnerability...
Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability
No description provided by source. Gaming Directory 1.0 SQL Injection Vulnerabilities. Discovered By:...
Gaming Directory 1.0 - cat_id SQL Injection
Gaming Directory 1.0 - catid SQL Injection. Gaming Directory 1.0 SQL Injection Vulnerabilities. Discovered...
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
AUTHOR : IRCRASH Dr.Crash Script Download : http://en.fascript.com/en.faphoto.zip Injection Address : http://Sitename/faname/show.php?id= Help : In This Script Admin Username and Password Save in ./admin/pconfig.php You can open this file with loadfile Function in mysql and see admin Username and...
FaScript FaMp3 v1 (show.php) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. FaScript FaMp3 v1 show.php Remote SQL Injection Vulnerability. FaScript FaMp3 v1 Remote Sql Injection BY IRCRASH...