Exploit for CVE-2025-59287

wsus-decoy Defensive proof of concept decoy for CVE-2025-5928...

Pharmacy Management System 1.0 SQL Injection

Exploit Title: Pharmacy management system - 'email' SQL injection Date: 19/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version: 1.0...

IFSC Code Finder Project 1.0 - SQL injection (Unauthenticated)

Title: IFSC Code Finder Project 1.0 - SQL injection Unauthenticated Exploit Author: Yash Mahajan Date: 2021-10-07 Vendor Homepage: https://phpgurukul.com/ifsc-code-finder-project-using-php/ Version: 1 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=14478 Tested On: Windows...

Open Redirect in firefly-iii/firefly-iii

Steps: 1. Login in application and and navigate to bill section and create bill and capture the request. Web applications use different techniques to redirect users to the next page. Apps may use URL query parameters, header values, with JavaScript code, or it may be backend code. In case of this...

Customer Support System 1.0 SQL Injection

Exploit Title: Customer Support System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

Courier Management System 1.0 SQL Injection

Exploit Title: Courier Management System 1.0 - 'MULTIPART street ' SQL Injection Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

CVE-2020-11129

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130...

eLection 2.0 - (id) SQL Injection Vulnerability

Exploit for php platform in category web applications Title: eLection 2.0 - 'id' SQL Injection Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu...

X (Formerly Twitter): No Rate Limit in email leads to huge Mass mailings

Hi Team, I have found a logical flawNOT DoS in the website 'https://app.mopub.com/' 1.Use Burp Suite and capture below request upon navigation to Code integration 2.Click on Send button after entering email address in the input field of 'Enter one or more email addresses and we'll send you links ...

Enter: Potential for financial loss, negative Values for "Buy fee" and "Sell Fee"

Issue It is possible to set negative values for the Buy Fee and Sell Fee, which will cause unexpected transfers etc. as these settings override the settings at the location. PoC 1. Go to the Operator Wallet's Settings. 2. Click on the users tab. 3. Select any user. 4. Go to settings tab of that...