Bug Bounty Hunting – PHP Code Injection
Tag: injection
Rebar3 3.13.2 Command Injection
Rebar3 versions 3.0.0-beta.3 through 3.13.2 suffer from a command injection vulnerability.
Daily Expenses Management System 1.0 SQL Injection
# Exploit Title: Daily Expenses Management System 1.0 – Multiple SQL Injection Vulnerabilty # Date: 2020-8-5 # Exploit Author: Edo Maland # Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html # Software Link: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html # Version: 1.0 # Tested on: […]
Apache OFBiz 16.11.04 – XML External Entity Injection
# Exploit Title: Apache OFBiz 16.11.04 – XML External Entity Injection # Date: 2018-10-15 # Exploit Author: Jamie Parfet # Vendor Homepage: https://ofbiz.apache.org/ # Software Link: https://archive.apache.org/dist/ofbiz/ # Version: < 16.11.04 # Tested on: Ubuntu […]
Joomla Component JCK Editor 6.4.4 – ‘parent’ SQL Injection
# Title: Joomla Component JCK Editor 6.4.4 – ‘parent’ SQL Injection # Date: 2018-09-14 # Exploit Author: Hamza Megahed # Vendor Homepage:https://www.joomla.org/ # Download: https://arkextensions.com/products/jck-editor # Version: 6.4.4 # Tested on: Ubuntu, FireFox, # CVE: […]
WordPress Plugin Export Users to CSV 1.1.1 – CSV Injection
# Exploit Title: WordPress Plugin Export Users to CSV 1.1.1 – CSV Injection # Exploit Author: Javier Olmedo # Website: https://hackpuntes.com # Date: 2018-08-14 # Google Dork: N/A # Vendor: Matt Cromwell # Software Link: […]
WAScan – Web Application Scanner
WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner. It is designed to find various vulnerabilities using “black-box” method, that means it won’t study the source code of web applications but will […]
