osTicket 1.11 Cross Site Scripting / Local File Inclusion

Exploit Title: osTicket v1.11 - Cross-Site Scripting to Local File Inclusion Date: 09.04.2019 Exploit Author: Özkan Mustafa Akkuş AkkuS @ehakkus Contact: https://pentest.com.tr Vendor Homepage: https://osticket.com Software Link: https://github.com/osTicket/osTicket References:...

osTicket 1.11 - Cross-Site Scripting / Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications Exploit Title: osTicket v1.11 - Cross-Site Scripting to Local File Inclusion Exploit Author: Özkan Mustafa Akkuş AkkuS @ehakkus Contact: https://pentest.com.tr Vendor Homepage: https://osticket.com Software Link:...

osTicket 1.11 - Cross-Site Scripting / Local File Inclusion

Exploit Title: osTicket v1.11 - Cross-Site Scripting to Local File Inclusion Date: 09.04.2019 Exploit Author: Özkan Mustafa Akkuş AkkuS @ehakkus Contact: https://pentest.com.tr Vendor Homepage: https://osticket.com Software Link: https://github.com/osTicket/osTicket References:...

Jobberbase CMS 2.0 SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Jobberbase CMS - 'jobs-in' SQL Injection Exploit Author: Suvadip Kar Vendor Homepage: http://jobberbase.com/ Software Link:...

NIT-Warangal Dispensary Management System India 1.0 Database Disclosure

Exploit Title : NIT-Warangal Dispensary Management System India 1.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 15/04/2019 Vendor Homepage : nitw.ac.in Software Download Link : github.com/NIT-Warangal/DispensaryMS/archive/master.zip Sofwa...

Jobberbase CMS 2.0 SQL Injection

=========================================================================================== Exploit Title: Jobberbase CMS - 'jobs-in' SQL Injection Dork: N/A Date: 30-03-2019 Exploit Author: Suvadip Kar Vendor Homepage: http://jobberbase.com/ Software Link:...

OrangeScrum Project Management Software 1.6.1 Database Disclosure

Exploit Title : OrangeScrum Project Management Software 1.6.1 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/04/2019 Vendor Homepage : orangescrum.com Software Download Link : orangescrum.org/free-download...

JobSkee Open Source JobBoard 1.1.3 Database Disclosure

Exploit Title : JobSkee Open Source JobBoard 1.1.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/04/2019 Vendor Homepage : jobskee.com Software Download Link : jobskee.com/download.php Software Information Link :...

YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure

Exploit Title : YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 10/04/2019 Vendor Homepage : jetbrains.com - yiiframework.com Software Download Link : github.com/johannesMatevosyan/yii-cms/archive/master.zip...

Tradebox CryptoCurrency - symbol SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Tradebox - CryptoCurrency Buy Sell and Trading Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software...

Tradebox CryptoCurrency - 'symbol' SQL Injection

Title: Tradebox - CryptoCurrency Buy Sell and Trading Date: 04.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software description: Tradebox – CryptoCurrency Buy Sel...

Tradebox CryptoCurrency 5.4 SQL Injection

Title: Tradebox - CryptoCurrency Buy Sell and Trading Date: 04.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software description: Tradebox – CryptoCurrency Buy Sel...

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass) Vulnerability

Exploit for php platform in category web applications Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP...

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)

FreeSMS 2.1.2 - SQL Injection Authentication Bypass Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps...

FreeSMS 2.1.2 SQL Injection

Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP for Linux Software Description :...

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)

Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP for Linux Software Description :...

Clinic Pro v4 - month SQL Injection

Clinic Pro v4 - month SQL Injection Title: Clinic Pro - Clinic Management Software Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: I...

PhreeBooks ERP 5.2.3 - Arbitrary File Upload

PhreeBooks ERP 5.2.3 - Arbitrary File Upload PhreeBooks ERP v5.2.3 - Arbitrary File Upload Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3...

Clinic Pro v4 - month SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Clinic Pro - Clinic Management Software Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: ...

PhreeBooks ERP 5.2.3 Remote Command Execution

Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Date: 2010-04-03 Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category: Webapps Tested on: XAMPP for Linux 5.6.38...