Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)

Exploit Title: Fuel CMS 1.4.8 - 'fuelreplaceid' SQL Injection Authenticated Date: 2020-08-19 Exploit Author: c0mpu7er（@ymbank.cn） Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.8.zip Version: 1.4.7 Tested on: PHP 5.4.45, Apache...

Complaint Management System 1.0 - 'cid' SQL Injection

Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

PNPSCADA 2.200816204020 - (interf) SQL Injection (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ----------------------...

PNPSCADA 2.200816204020 SQL Injection

Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Google Dork: - Date: 2020-08-17 Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ---------------------- PNPSCADA 2.200816204020...

Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection

Title: Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-18 Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html Software Link:...

Fuel CMS 1.4.7 SQL Injection

Exploit Title: Fuel CMS 1.4.7 - 'col' SQL Injection Authenticated Google Dork: - Date: 2020-08-01 Exploit Author: Roel van Beurden Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.7.zip Version: 1.4.7 Tested on: Linux Ubuntu 18.04...

Fuel CMS 1.4.7 - 'col' SQL Injection (Authenticated)

Exploit Title: Fuel CMS 1.4.7 - 'col' SQL Injection Authenticated Google Dork: - Date: 2020-08-01 Exploit Author: Roel van Beurden Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.7.zip Version: 1.4.7 Tested on: Linux Ubuntu 18.04...

Fuel CMS 1.4.7 - (col) SQL Injection (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Fuel CMS 1.4.7 - 'col' SQL Injection Authenticated Exploit Author: Roel van Beurden Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.7.zip Version: 1.4.7 Tested o...

Daily Expenses Management System 1.0 - 'item' SQL Injection

Exploit Title: Daily Expenses Management System 1.0 - 'item' SQL Injection Date: 2020-08-05 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

Daily Expenses Management System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Daily Expenses Management System 1.0 - Multiple SQL Injection Vulnerabilty Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

Online Shopping Alphaware 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Shopping Alphaware 1.0 - Multiple SQL Injection Vulnerabilty Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Daily Expenses Management System 1.0 SQL Injection

Exploit Title: Daily Expenses Management System 1.0 - Multiple SQL Injection Vulnerabilty Date: 2020-8-5 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

Victor CMS 1.0 - 'Search' SQL Injection

Exploit Title: Victor CMS 1.0 - 'Search' SQL Injection Date: 2020-08-04 Exploit Author: Edo Maland Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: XAMPP / Windows 10...

Online Shopping Alphaware 1.0 SQL Injection

Exploit Title: Online Shopping Alphaware 1.0 - Multiple SQL Injection Vulnerabilty Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

WordPress Email Subscribers & Newsletters 4.2.2 Plugin - (hash) SQL Injection (Unauthenticated)

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Exploit Author: email protectedESEC Vendor Homepage:...

Infor Storefront B2B 1.0 SQL Injection

Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...

Joomla J2 JOBS 1.3.0 - (sortby) Authenticated SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Upda...