An user can delete other user's post

Description As the title, an attacker can delete other user's post via post id can be bruteforce Here is video poc: https://drive.google.com/file/d/18QucWYwkpO9kVPMqNzSQ-ptwrZGk-UP9/view?usp=sharelink Proof of Concept DELETE /api/memo/$1026$ HTTP/2 Host: demo.usememos.com Cookie:...

E-Commerce Group - 'cat.php' SQL Injection

Exploit Title: E-commerce Group cat.php SQL Injection Vulnerability Date: 2010/05/21 Author:BLack Revenge Software Link: Version: Tested on: CVE : ============================== E-commerce Group cat.php SQL Injection Vulnerability Founder: BLaCk RevenGe Email:- [email protected]...