33 matches found
Boelter Blue System Management 1.3 - SQL Injection
Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management version 1.3 Google Dork: inurl:"Powered by Boelter Blue" Date: 2024-06-04 Exploit Author: CBKB DeadlyData, R4d1x Vendor Homepage: https://www.boelterblue.com Software Link:...
Boelter Blue System Management 1.3 SQL Injection
Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management version 1.3 Google Dork: inurl:"Powered by Boelter Blue" Date: 2024-06-04 Exploit Author: CBKB DeadlyData, R4d1x Vendor Homepage: https://www.boelterblue.com Software Link:...
Jobpilot v2.61 - SQL Injection Vulnerability
Exploit Title: Jobpilot v2.61 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET Type: error-based...
Smart School 1.0 SQL Injection
Exploit Title: Smart School v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 Demo Site: https://demo.smart-school.in Tested on: Kali Linux CVE: N/A Request POST /course/filterRecords/ HTTP/1....
Stackposts Social Marketing Tool v1.0 - SQL Injection
Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/stackposts-social-marketing-tool/21747459 Demo Site: https://demo.stackposts.com Tested on: Kali Linux CVE: N/A Request POST /spmo/auth/login...
Warehouse Management System 2022 Multiple SQL injection Vulnerabilities
Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...
ChatBot Application With A Suggestion Feature 1.0 SQL Injection
Exploit Title: ChatBot Application with a Suggestion Feature 1.0 - 'id' Blind SQL Injection Date: 05/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html...
Simple Mobile Comparison Website 1.0 SQL Injection
Title: Simple Mobile Comparison Website v1.0 - SQLi Author: nu11secur1ty Date: 02.23.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15186/simple-mobile-comparison-website-phpoop-free-source-code.html Reference:...
Online Covid Vaccination Scheduler System 1.0 SQL Injection
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection Date: 2021-07-07 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
PHP Timeclock 1.04 SQL Injection
Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Date: 03.05.2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Test...
eChat 1.0 SQL Injection Vulnerability
Exploit Title: eChat | Time-Based Blind SQL Injection Exploit Author: email protected Vendor Homepage: https://www.sourcecodester.com/php/10498/echat-simple-chat-system-app-using-phpmysql.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/echat.zip Version:...
eChat 1.0 SQL Injection
Exploit Title: eChat | Time-Based Blind SQL Injection Exploit Author: [email protected] Date: 2021-02-21 Vendor Homepage: https://www.sourcecodester.com/php/10498/echat-simple-chat-system-app-using-phpmysql.html Software Link:...
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Google Dork: N/A Date: 29/1/2021 Exploit Author: Zeyad Azima Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Version: V1 Tested on:...
Contact Form 7 Database Addon < 1.2.5.4 - Authenticated SQL Injections
The plugin did not properly sanitise the formids from the contactform POST array parameter before using them in a SQL statement in the processbulkaction function. This could allow high privilege users, such as admin to perform SQL Injection against the DBMS via the bulk actions: delete, read and...
Phpscript SGH 0.1.0 SQL Injection
Exploit Title: Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection Date: 2020-12-04 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/geraked/phpscript-sgh Software Link: https://github.com/geraked/phpscript-sgh Version: 0.1.0 Tested on: Kali Linux...
Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection
Exploit Title: Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection Date: 2020-12-04 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/geraked/phpscript-sgh Software Link: https://github.com/geraked/phpscript-sgh Version: 0.1.0 Tested on: Kali Linux...
Automattic: Sql injection on docs.atavist.com
hello dear team I have found SQL injection on docs.atavist.com url:http://docs.atavist.com/readerapi/stories.php?limit=10&offset=20&organizationid=88822&search=0&sort= parameters: injectable search=0 Parameter: search GET Type: AND/OR time-based blind Title: MySQL = 5.0.12 AND time-based blind...
Dairy Farm Shop Management System 1.0 SQL Injection
Exploit Title: Dairy Farm Shop Management System 1.0 - 'username' SQL Injection Google Dork: N/A Date: 2020-01-03 Exploit Author: Chris Inzinga Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/ Version: v1.0 Teste...
rimbalinux AhadPOS 1.11 SQL Injection
Exploit Title: rimbalinux AhadPOS 1.11 - 'alamatCustomer' SQL Injection Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/rimbalinux/AhadPOS Software Link: https://github.com/rimbalinux/AhadPOS.git Version: 1.11 Tested on: CentOS 7 CVE: N/A PoC for time-based and boolean...
OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
Exploit Title: OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection Date: 2018-11-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sourceforge.net/projects/bigchef/ Software Link: https://sourceforge.net/projects/bigchef/files/latest/download...