Online Traffic Offense Management System 1.0 - (id) SQL Injection (Authenticated) Vulnerability

Exploit Title: Online Traffic Offense Management System 1.0 - 'id' SQL Injection Authenticated Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14909/online-traffic-offense-management-system-php-free-source-code.html...

Online Traffic Offense Management System 1.0 SQL Injection

Exploit Title: Online Traffic Offense Management System 1.0 - 'id' SQL Injection Authenticated Date: 19/08/2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...

Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - 'id' SQL Injection Authenticated Date: 19/08/2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...

Crime records Management System 1.0 - Multiple SQL Injection (Authenticated) Vulnerability

Exploit Title: Crime records Management System 1.0 - 'Multiple' SQL Injection Authenticated Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/osman-yahaya Software Link:...

Crime Records Management System 1.0 SQL Injection

Exploit Title: Crime records Management System 1.0 - 'Multiple' SQL Injection Authenticated Date: 17/08/2021 Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/osman-yahaya Software Link:...

Simple Image Gallery System 1.0 SQL Injection

Exploit Title: Simple Image Gallery System 1.0 - 'id' SQL Injection Date: 2020-08-12 Exploit Author: Azumah Foresight Xorlali M4sk0ff Vendor Homepage: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Software Link:...

Simple Image Gallery System 1.0 - (id) SQL Injection Vulnerability

Exploit Title: Simple Image Gallery System 1.0 - 'id' SQL Injection Exploit Author: Azumah Foresight Xorlali M4sk0ff Vendor Homepage: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Software Link:...

Simple Image Gallery System 1.0 - 'id' SQL Injection

Exploit Title: Simple Image Gallery System 1.0 - 'id' SQL Injection Date: 2020-08-12 Exploit Author: Azumah Foresight Xorlali M4sk0ff Vendor Homepage: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Software Link:...

COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

COVID19 Testing Management System 1.0 - (searchdata) SQL Injection Vulnerability

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

Exploit for SQL Injection in Digitaldruid Hoteldruid

CVE 2021-37832 Hotel Druid 3.0.2 SQL Injection Vulnerability...

Care2x Integrated Hospital Info System 2.7 SQL Injection

Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...

Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection

Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...

Care2x Integrated Hospital Info System 2.7 - (Multiple) SQL Injection Vulnerability

Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers : Security For...

uListing < 2.0.4 - Unauthenticated SQL Injection

An Unauthenticated SQL Injection vulnerability was discovered in the plugin. Vulnerable parameters: custom. SQL Injection types: Error-based, Boolean-based Blind, Time-based Blind. PoC 1 | Unauthenticated SQL Injection | Tables: sqlmap...

U.S. Dept Of Defense: SQL injection located in `███` in POST param `████████`

Hey DoD security team! I was able to exploit an SQL injection 1 in one of your domains. Description An SQL injection 1 was discovered in domain https://████████/██████ in the parameter ██████████. The SQL injection was located in a WHERE statment fallowed by a INT value. The vulnerable parameter...

Online Covid Vaccination Scheduler System 1.0 - (username) time-based blind SQL Injection

Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Popup Like box - Page Plugin < 3.5.3 - Authenticated Blind SQL Injections

The getfblikeboxes function in the plugin did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard PoC SQLMAP: python sqlmap.py -r r.txt -p orderby --level 5 --risk 3 --dbms...

Survey Maker < 1.5.6 - Authenticated Blind SQL Injections

The getresults and getitems functions in the plugin did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard Note WPScanTeam: Other SQLi were identified when confirming the...

FAQ Builder < 1.3.6 - Authenticated Blind SQL Injections

The getfaqs function in the plugin did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard PoC SQLMAP: python sqlmap.py -r r.txt -p orderby --level 5 --risk 3 --dbms MySQL...