334 matches found
PHPJabbers Bus Reservation System 1.1 Cross Site Scripting
Exploit Title: PHPJabbers Bus Reservation System 1.1 - Reflected XSS Exploit Author: CraCkEr Date: 20/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/bus-reservation-system/ Tested on: Windows 10 Pro Impact: Manipulate the content ...
SEMCMS SQL注入漏洞
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS version 1.5 suffers from a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the parameter id of /AntSuxin.php, which can be exploited b...
Campcodes Beauty Salon Management System 跨站脚本漏洞
Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes, Inc. A cross-site scripting vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which originates from an unknown part of /admin/add-category.php and results in cross-site scripti...
Exploit for Cross-site Scripting in Buildagate_Project Buildagate
Exploit Title: BuildaGate5library - Reflected Cross-Site Scrip...
CVE-2023-34835
A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...
Super Socializer 7.13.52 - Reflected XSS Exploit
Exploit Title: Super Socializer 7.13.52 - Reflected XSS Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=thechampsharingcount&urls%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E=https://www.google.com Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor...
WG Ticket 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
QuickHomes Real Estate CMS 1.3 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Scriptio 1.4 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Service Provider Management System v1.0 - SQL Injection Vulnerability
Exploit Title: Service Provider Management System v1.0 - SQL Injection Exploit Author: Ashik Kunjumon Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link:...
Service Provider Management System v1.0 - SQL Injection
Exploit Title: Service Provider Management System v1.0 - SQL Injection Date: 2023-05-23 Exploit Author: Ashik Kunjumon Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link:...
HouseKit 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
VOTAB Voting Quiz PHP Script 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Cmaps v8.0 - SQL injection
Exploit Title: Cmaps v8.0 - SQL injection - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description: The vulnerability...
CreativeItem Academy Learning Management System 5.14 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: X2CRM v6.6/6.9 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: model CVE: Use...
Employee Task Management System v1.0 - SQL Injection Vulnerability
Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version:...
Auto Dealer Management System v1.0 - SQL Injection
Exploit Title: Auto Dealer Management System v1.0 - SQL Injection Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested...
Helmet Store Showroom 1.0 SQL Injection
Exploit Title: Helmet Store Showroom v1.0 - SQL Injection Exploit Author: Ameer Hamza Date: November 15, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html Software Link:...
Auto Dealer Management System 1.0 SQL Injection Vulnerability
Auto Dealer Management System - SQL Injection on page viewtransaction.php and parameter is id, application url is ?page=vehicles/viewtransaction&id=? with low privilege authentication CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Author Email:...