Phone Shop Sales Managements System 1.0 - Arbitrary File Upload

Exploit Title: Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution Date: 2021-07-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Car Rental Management System 1.0 - SQL Injection / Local File include

Exploit Title: Car Rental Management System 1.0 - SQL Injection / Local File include Date: 22-10-2020 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

Odoo 12.0 Local File Inclusion

Exploit Title: Odoo 12.0 - Local File Inclusion Date: 2019-06-14 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.odoo.com/ Software Link: https://www.odoo.com/trTR/page/download Version: v12.0 Tested on: Windows/Linux https://github.com/EmreOvunc/Odoo-12.0-LFI-Vulnerabilities...

Web Ofisi Platinum E-Ticaret 5 - (q) SQL Injection Vulnerability

Exploit for linux platform in category web applications Exploit Title: Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/platinum-e-ticaret-v5.html Demo Site: http://demobul.net/eticaretv5/ Version: v5 Tested on: Kali Linu...

SJS Simple Job Script - SQL Injection / Cross-Site Scripting Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Simple Job Script - Multiple Vulnerabilities Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://simplejobscript.com/ Download Link: https://github.com/niteosoft/simplejobscript/archive/master.zip Demo Site:...

SuperCom Online Shopping Ecommerce Cart 1 - XSS / CSRF / Authentication bypass Vulnerabilities

Exploit for php platform in category web applications Exploit Title: SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass Exploit Author: L0RD Vendor Homepage:...

NodAPS 4.0 - SQL injection Cross-Site Request Forgery

NodAPS 4.0 - SQL injection Cross-Site Request Forgery Exploit Title: Online Booking system - NodAPS 4.0 - 'search' SQL injection / Cross-Site Request Forgery Date: 2018-05-16 Exploit Author: Borna nematzadeh L0RD Vendor Homepage:...

LogicalDOC Enterprise 7.7.4 - Directory Traversal Vulnerability

Exploit for java platform in category web applications LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free...

SynaMan 3.4 Build 1436 - CSRF / XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Multiple vulnerabilities in SynaMan 3.4 Build 1436 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: email protected Vendor Homepage: http://www.synametrics.com Software Link:...

Hycus CMS 1.0.1 - Multiple Cross Site Request Forgery Vulnerabilities

No description provided by source. !--- Title: Hycus CMS 1.0.1 Multiple CSRF Vulnerabilities Author: 10n1z3d 10n1z3datwdotcn Date: Thu 26 Aug 2010 07:53:22 PM EEST Vendor: http://www.hycus.com/ Download: http://www.hycus.com/download/hycuscms-1.0.1.zip --- -= CSRF PoC 1 - Change Admin Password =-...

Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. + Link Bid Script 1.5 Multiple Remote SQL Injection + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Remote SQL Injection - Note : For PoC 2 you need administrative rights. Po...

ccms-lfi.txt

CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script : http://rapidshare.com/files/94804716/CCMSv3.1byMikelDean.rar + Local File Inclusion...