404 to 301 < 3.1.2 - Reflected Cross-Site Scripting

Description The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=jj4t3-logs&a"alert/XSS/...

Admin-Scanner - This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily

WebsiteAdmin Panel Finder How To Install Linux/pc sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner How to Install Termux/Android pkg update && pkg upgrade pkg install python3 pkg install git gi...

Nexos - Real Estate < 1.6.1 - SQL Injection & Persistent XSS

----- SQL Injection: ----- Vulnerable 'id' parameter is https://listing-themes.com/nexos-wp/wp-admin/admin.php?page=ownlistingaddlisting=8 ----- Persistent XSS: ----- You need a new user account, then go to any property listing on the website and use «ENQUIRY FORM» on the right sidebar...

Quartz Concept Content Manager V3.00 Auth Bypass

No description provided by source. // Exploit Begin. / \ / \ / \ | | |/ | | | Y Y | V\ / Y| || |/ / A ||| \ | | | | || || \ // \ | | | || | | |/ |/|/ |/ :: Quartz Concept Content Manager V3.00 :: Auth Bypass Created By Mr.aFiR Moroccan Hacker Email: [email protected] Website: www.aFiR.me c --...

SG Real Estate Portal 2.0 - Blind SQL Injection

1 $url = $argv1; if $argc $t-1 $count = $i; $i = 30; for $j = 1; $j $count; $j++ for...

Athena PHP Website Administration 0.1 - Remote File Inclusion

Athena PHP Website Administration 0.1 - Remote File Inclusion source: https://www.securityfocus.com/bid/15574/info Athena PHP Website Administration is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...