9 matches found
ICE Hrm 29.0.0.OS - (Account Takeover) Cross-Site Scripting and Session Fixation Vulnerability
Exploit Title: ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fixation Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description ICE Hrm Version 29.0.0.OS is vulnerable to session...
FUDForum 3.1.0 - (srch) Reflected XSS Vulnerability
Exploit Title: FUDForum 3.1.0 - 'srch' Reflected XSS Exploit Author: Piyush Patil Vendor Homepage: http://fudforum.org/ Software Link: https://sourceforge.net/projects/fudforum/files/FUDforum3.1.0.zip/download Version: FUDForum 3.1.0 Tested on: Windows 10 and Kali CVE : CVE-2021-27519 -Descriptio...
Products.PluggableAuthService 2.6.0 - Open Redirect
Exploit Title: Products.PluggableAuthService 2.6.0 - Open Redirect Exploit Author: Piyush Patil Affected Component: Pluggable Zope authentication/authorization framework Component Link: https://pypi.org/project/Products.PluggableAuthService/ Version: =2.6.1"...
Plone CMS 5.2.3 - (Title) Stored XSS Vulnerability
Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference - https://github.com/plone/Products.CMFPlone/issues/3255 Steps to...
Plone CMS 5.2.3 Cross Site Scripting
Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference -...
Plone CMS 5.2.3 - 'Title' Stored XSS
Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference -...
SEO Panel 4.8.0 - (order_col) Blind SQL Injection Vulnerability
Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference - https://github.com/seopanel/Seo-Panel/issues/209 Step 1 - Logi...
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)
Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 1 Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...
SEO Panel 4.8.0 SQL Injection
Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...