Lucene search
K
PacketstormRecent

50786 matches found

Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.278 views

Backdoor.Win32.Zombam.j Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/a4212f23e1cc3bb34b0dfe15b2ad323e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.j Vulnerability: Remote Stack Buffer Overflow Description: Listens on TCP port...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.266 views

Rock RMS File Upload / Account Takeover / Information Disclosure

Title ========================= Multiple vulnerabilities found in Rock RMS including RCE and account takeover. A total of three CVEs were issued for the vulnerabilities CVE-2019-18641, CVE-2019-18642, CVE-2019-18643 Product Description ========================= Rock RMS is an open source CRM...

7.5CVSS0.3AI score0.04098EPSS
Exploits1
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.297 views

BACKDOOR.WIN32.ADVERBOT Remote Stack Corruption

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/9919c1e86a750dd6d4f0d2a851af29ea.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BACKDOOR.WIN32.ADVERBOT Vulnerability: Remote Stack Corruption Description: Null instruction pointer...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.237 views

Phorpiex Insecure Permissions / Privilege Escalation

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/f4d7d721f68bc9a80aaf53bc184a3c58.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Phorpiex Vulnerability: Insecure permissions EoP Description: Change permissions are granted to...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.205 views

CRUD Operation Software 1.0 Cross Site Scripting

Exploit Title: Multiple Stored XSS in CRUD Operation software Date: 4/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: linux / Lamp Click on add new...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.169 views

Curfew e-Pass Management 1.0 Cross Site Scripting

Exploit Title: Stored XSS in Curfew e-Pass Management Date: 2/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1Log into the application...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.275 views

BACKDOOR.WIN32.BNLITE Remote Heap Corruption

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/f78cef7588f9c32609a4932d10c67f95.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BACKDOOR.WIN32.BNLITE Vulnerability: Remote Heap Corruption Description: When sending a specially...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.280 views

Backdoor.Win32.Infexor.b Remote SEH Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/34c09f7fd6668c89a59ebdc8f12d1e7b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Infexor.b Vulnerability: Buffer Overflow Description: Remote SEH Stack Buffer Overflow...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.326 views

BACKDOOR.WIN32.REMOTEMANIPULATOR Insecure Permissions

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BACKDOOR.WIN32.REMOTEMANIPULATOR Vulnerability: Insecure Permissions Description: Creates a dir...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.330 views

Mantis Bug Tracker 2.24.3 SQL Injection

Exploit Title: Mantis Bug Tracker 2.24.3 - 'access' SQL Injection Date: 30/12/2020 Exploit Author: EthicalHCOP Vendor Homepage: https://www.mantisbt.org/ Version: 2.24.3 CVE: CVE-2020-28413 import requests, sys, time from lxml import etree proxies = "http": "http://127.0.0.1:8080", "https":...

0.2AI score0.04725EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.377 views

Knockpy 4.1.1 CSV Injection

Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Date: 2020-12-29 Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch detail...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.248 views

Win32 Backdoor 2019-02-ARTRADOWNLOADER SEH Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/8d42c01180be7588a2a68ad96dd0cf85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: WIN32 BACKDOOR - 2019-02-ARTRADOWNLOADER Vulnerabilities: Remote SEH Buffer Overflow and Insecure...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.316 views

Trojan.Win32.Antavka.bz Insecure Permissions / Privilege Escalation

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/2e4573d8925be404a9a1ff49ee2f5bc3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Antavka.bz Vulnerability: Insecure Permissions EoP Description: Change permissions are...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.366 views

Gotenberg 6.2.0 Traversal / Code Execution / Insecure Permissions

1 Multiple vulnerabilities in Gotenberg │ │ │ │ My PDF │ │ │ │ Path: │ .DirPath │ PASSWD: │ toHTML .DirPath "../../../../etc/passwd" │ IP: │ toHTML .DirPath "../../../...

0.2AI score0.05591EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/01/03 12:0 a.m.114 views

Hyland Enterprise Search 11.2.2 Cross Site Scripting

The admin console's event viewer displays logged event data inside of tags. An attack string like "alert'hi'" in any place across Enterprise Search that will cause an error, like instead of a number or for the username on the login page or through the new Federated Authentication, will then be...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/03 12:0 a.m.103 views

Easy CD And DVD Cover Creator 4.13 Denial Of Service

Exploit Title: Easy CD & DVD Cover Creator 4.13 - Denial of Service PoC Date: 22.12.2020 Software Link: http://www.tucows.com/download/windows/files/ezcdsetup.exe Exploit Author: Achilles Tested Version: 4.13 Tested on: Windows 7 x64 Sp1 1.- Run python code :Creator.py 2.- Open EVIL.txt and copy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/03 12:0 a.m.129 views

4images 1.7.11 Cross Site Scripting

Exploit Title: 4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting Date: 30-12-2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.4homepages.de/ Software Link: https://www.4homepages.de/download-4images Version: 1.7.11 Tested on: Windows 10/Kali Linux Vulnerable Parameters:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/02 12:0 a.m.142 views

MiniTool ShadowMaker 3.2 Unquoted Service Path

Exploit Title: MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path Discovery by: Thalia Nieto Discovery Date: 02/01/21 Vendor Homepage: https://www.minitool.com Software Link: https://www.minitool.com/backup/thanks-download.html?v=sm-free&r=download-center/ Tested Version: 3.2...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/02 12:0 a.m.187 views

WordPress Core 5.2.2 Cross Site Scripting

Exploit Title: Wordpress Core 5.2.2 - 'post previews' XSS Date: 31/12/2020 Exploit Author: gx1 Vulnerability Discovery: Simon Scannell Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Version: = 5.2.2 Tested on: any CVE: CVE-2019-16223 References:...

3.5CVSS6.2AI score0.05181EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/31 12:0 a.m.356 views

Openpilot Default SSH Key Scanner

!/bin/bash openpilot-scan.sh Jeremy Brown jbrown3264/gmail Dec 2020 Checks for openpilot devices using the default SSH key Setup apt-get install -y masscan && setcap capnetraw=ep /usr/bin/masscan wget -q https://raw.githubusercontent.com/commaai/openpilot/master/tools/ssh/idrsa chmod 600 idrsa...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/31 12:0 a.m.307 views

qdPM 9.1 PHP Object Injection

-------------------------------------------------------------- qdPM getParameter'format'; 299. $filename = $request-getParameter'filename'; 300. 301. $export = unserialize$request-getParameter'export'; User input passed through the "export" request parameter is not properly sanitized before being...

0.1AI score0.02502EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/31 12:0 a.m.562 views

Zoom Meeting Connector Post-Auth Remote Root

!/usr/bin/python -- coding: UTF-8 -- zoomer.py Zoom Meeting Connector Post-auth Remote Root Exploit Jeremy Brown jbrown3264/gmail Dec 2020 The Meeting Connector Web Console listens on port 5480. On the dashboard under Network - Proxy, one can enable a proxy server. All of the fields are sanitized...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/29 12:0 a.m.550 views

Cassandra Web 0.5.0 Remote File Read

!/usr/bin/python -- coding: UTF-8 -- cassmoney.py Cassandra Web 0.5.0 Remote File Read Exploit Jeremy Brown jbrown3264/gmail Dec 2020 Cassandra Web is vulnerable to directory traversal due to the disabled Rack::Protection module. Apache Cassandra credentials are passed via the CLI in order for th...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/29 12:0 a.m.635 views

HPE Edgeline Infrastructure Manager Improper Authorization

!/usr/bin/python -- coding: UTF-8 -- billhader.py HPE Edgeline Infrastructure Manager Multiple Remote Vulnerabilities Jeremy Brown jbrown3264/gmail Dec 2020 In \opt\hpe\eim\containers\api\eim\api\urls.py, some private paths are defined which are intended to only be accessible via the local consol...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/28 12:0 a.m.441 views

SEOPanel 4.6.0 Cross Site Scripting

Hello, We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerabilities in SEOPanel Affected Software: SEOPanel Affected Versions: 4.6.0 Vendor Homepage: https://www.seopanel.org/...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/27 12:0 a.m.244 views

CHMSC Elearning System 1.0 SQL Injection

Exploit Title: CHMSC Elearning System 1.0 - SQL Injection Exploit Author: Ferhat Çil Date: 2020-12-25 Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/27 12:0 a.m.491 views

URVE Software Build 24.03.2020 Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-042 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Exposure of Sensitive...

5CVSS7.7AI score0.01421EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/26 12:0 a.m.351 views

URVE Software Build 24.03.2020 Missing Authorization

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-041 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Missing Authorization CWE-862 Risk Level: High Solution Status: Open...

8.5CVSS0.02834EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/26 12:0 a.m.395 views

Philips Hue Denial Of Service

Credits: Ilia Shnaidman + @0x496c on Twitter + https://www.iliashn.com Vendor: ============= Philips Lighting Holding B.V Product: ============= Philips Hue Hub - all Vulnerability Type: ====================== Denial of Service Security Issue: =============== Philips Hue is vulnerable to Denial...

5CVSS7.7AI score0.02308EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/25 12:0 a.m.501 views

URVE Software Build 24.03.2020 Authentication Bypass / Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-040 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High...

10CVSS0.8AI score0.04818EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.499 views

GitLab 11.4.7 Remote Code Execution

Exploit Title: GitLab 11.4.7 - RCE Authenticated Date: 24th December 2020 Exploit Author: Sam Redmond Software Link: https://gitlab.com/ Environment: GitLab 11.4.7, community edition CVE: CVE-2018-19571 + CVE-2018-19585 Version: 11.4.7 !/usr/bin/python3 import requests from bs4 import BeautifulSo...

5CVSS7.5AI score0.2819EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.1246 views

Apache Struts 2 Forced Multi OGNL Evaluation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Struts 2 Forced Multi OGNL Evaluation', 'Description' = %q The Apache Struts framework, when forced, performs double evaluation of...

7.5CVSS9.8AI score0.97399EPSS
Exploits23
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.576 views

WordPress WP-PostRatings 1.86 Cross Site Scripting

Exploit Title: WordPress Plugin WP-PostRatings 1.86 - 'postratingsimage' Cross-Site Scripting Date: 20-12-2018 Software Link: https://wordpress.org/plugins/wp-postratings/ Exploit Author: Park Won Seok Version: wp-postratings.1.86 Tested on: Windows 10 x64 description: A Stored Cross-site scripti...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.734 views

WordPress Adning Advertising 1.5.5 Shell Upload

Exploit Title: WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/angwp Date: 23/12/2020 Exploit Author: spacehen Vendor Homepage: http://adning.com/ Version: spacehen www.lunar.sh" def printusage: print"Usage: python3 exploit.py target url ph...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/24 12:0 a.m.241 views

Arteco Web Client DVR/NVR Session Hijacking

!/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute Force Session Hijacking Exploit Vendor: Arteco S.U.R.L. Product web page: https://www.arteco-global.com Affected version: n/a Summary: Arteco DVR/NVR is a mountable industrial surveillance server ideal for those who need to...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.196 views

10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Date: 2020-12-22 Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.209 views

Sales And Inventory System For Grocery Store 1.0 Cross Site Scripting

Exploit Title: Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/11238/sales-and-inventory-system-grocery-store.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.238 views

Online Learning Management System 1.0 Cross Site Scripting

Exploit Title: Online Learning Management System 1.0 - Multiple Stored XSS Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.216 views

TerraMaster TOS 4.2.06 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a unauthenticated command execution...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.434 views

Online Learning Management System 1.0 SQL Injection

Exploit Title: Online Learning Management System 1.0 - Authentication Bypass Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.236 views

WordPress Epsilon Framework SSRF / Denial of Service

Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.191 views

Class Scheduling System 1.0 Cross Site Scripting

Exploit Title: Class Scheduling System 1.0 - Multiple Stored XSS Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/5175/class-scheduling-system.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.143 views

TerraMaster TOS 4.2.06 Remote Code Execution

Exploit Title: TerraMaster TOS 4.2.06 - RCE Unauthenticated Date: 12/12/2020 Exploit Author: IHTeam Full Write-up: https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/ Vendor Homepage: https://www.terra-master.com/ Version: " /usr/w...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/23 12:0 a.m.405 views

Baby Care System 1.0 SQL Injection

Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.190 views

Faculty Evaluation System 1.0 Cross Site Scripting

Exploit Title: Faculty Evaluation System 1.0 - Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.180 views

Multi Branch School Management System 3.5 Cross Site Scripting

Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: https://www.ramomcoder.com/ Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324 Affecte...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.481 views

Pandora FMS 7.0 NG 750 SQL Injection

Exploit Title: Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection Authenticated Date: 12-21-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/d08e60f13a858fbd22ce6b83fa8ca391c608ec5c Software...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.333 views

Artworks Gallery Management System 1.0 SQL Injection

Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14634/artworks-gallery-management-system-php-full-source-code.html Software Link:...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.441 views

Webmin 1.962 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...

9CVSS8.7AI score0.77813EPSS
Exploits10
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.273 views

CSE Bookstore 1.0 SQL Injection

Exploit Title : CSE Bookstore 1.0 - Multiple SQL Injection Date : 2020-12-21 Author : Musyoka Ian Version : CSE Bookstore 1.0 Vendor Homepage: https://projectworlds.in/ Platform : PHP Tested on : Debian CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR...

Exploits0
Total number of security vulnerabilities50786