Curfew e-Pass Management System 1.0 SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: Curfew e-Pass Management System - 'searchdata' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

User Registration And Login And User Management System 2.1 SQL Injection

Exploit Title: User Registration & Login and User Management System With admin panel - Authentication Bypass Date: 2020-07-04 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

Park Ticketing Management System 1.0 - Authentication Bypass

Exploit Title: Park Ticketing Management System 1.0 - Authentication Bypass Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...

Online Polling System SQL Injection

Exploit Title: Online Polling System Authentication Bypass SQL Injection Date: July 2020 Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass Unthenticated User perform SQL Injectio...

Reside Property Management 3.0 SQL Injection

Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...

Reside Property Management 3.0 - 'profile' SQL Injection

Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...

Information disclosure

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine another application's memory layout...

CVE-2020-9797

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine another application's memory layout...

Hostel Management System 2.0 - (id) SQL Injection (Unauthenticated)

Exploit for php platform in category web applications Exploit Title: Hostel Management System 2.0 - 'id' SQL Injection Unauthenticated Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://phpgurukul.com/hostel-management-system/ Software Link:...

Node.js third-party modules: [diskstats] Command Injection via insecure command concatenation

I would like to report a Command Injection issue in the diskstats module. It allows to execute arbitrary commands on the victim's PC. Module module name: diskstats version: 0.0.2 npm page: https://www.npmjs.com/package/diskstats Module Description This library uses df to pull disk information suc...

School ERP Pro 1.0 - (es_messagesid) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: School ERP Pro 1.0 - 'esmessagesid' SQL Injection Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail...

PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload

Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...

PHP-Fusion 9.03.50 Arbitrary File Upload

Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...

User Management System 2.0 SQL Injection

Exploit Title: User Management System 2.0 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKURT ------...

User Management System 2.0 - Persistent Cross-Site Scripting

Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...

Complaint Management System 4.2 - Authentication Bypass

Exploit Title: Complaint Management System 4.2 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable code is here:...

User Management System 2.0 Cross Site Scripting

Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...

Complaint Management System 4.2 SQL Injection

Exploit Title: Complaint Management System 4.2 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable code is here:...

Pinger 1.0 - Remote Code Execution Exploit

Exploit for php platform in category web applications Title: Pinger 1.0 - Remote Code Execution Author: Milad Karimi Vendor Homepage: https://github.com/wcchandler/pinger Software Link: https://github.com/wcchandler/pinger Tested on: windows 10 , firefox Version: 1.0 CVE : N/A...

Pinger 1.0 Remote Code Execution

================================================================================ Pinger 1.0 - Simple Pinging Webapp Remote Code Execution ================================================================================ Vendor Homepage: https://github.com/wcchandler/pinger Software Link:...