Search for hundreds of thousands of exploits

"Real Web Pentesting Tutorial Step by Step - [Persian]"


Exploit author

"Meisam Monsef"


Exploit platform


Release date

Exploit published date


Release DateTitleTypePlatformAuthor
2020-07-07"BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation"webappsmultiple"William Summerhill"
2020-07-06"RSA IG&L Aveksa 7.1.1 - Remote Code Execution"webappsmultiple"Jakub Palaczynski"
2020-07-02"OCS Inventory NG 2.7 - Remote Code Execution"webappsmultipleAskar
2020-06-24"BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting"webappsmultiple"William Summerhill"
2020-06-22"WebPort 1.19.1 - Reflected Cross-Site Scripting"webappsmultiple"Emre ÖVÜNÇ"
2020-06-22"FileRun 2019.05.21 - Reflected Cross-Site Scripting"webappsmultiple"Emre ÖVÜNÇ"
2020-06-22"Odoo 12.0 - Local File Inclusion"webappsmultiple"Emre ÖVÜNÇ"
2020-06-17"OpenCTI 3.3.1 - Directory Traversal"webappsmultiple"Raif Berkay Dincel"
2020-06-15"SOS JobScheduler 1.13.3 - Stored Password Decryption"remotemultiple"Sander Ubink"
2020-06-12"SmarterMail 16 - Arbitrary File Upload"
Release DateTitleTypePlatformAuthor
2020-02-27"Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)"webappsphp"Meisam Monsef"
2020-02-24"Real Web Pentesting Tutorial Step by Step - [Persian]"webappsmultiple"Meisam Monsef"
2019-02-21"EI-Tube 3 - SQL Injection"webappsphp"Meisam Monsef"
2018-10-29"MTGAS MOGG Web Simulator Script - SQL Injection"webappsphp"Meisam Monsef"
2018-05-27"Lyrist - 'id' SQL Injection"webappsphp"Meisam Monsef"
2018-05-27"Ingenious School Management System - 'id' SQL Injection"webappsphp"Meisam Monsef"
2017-10-04"ClipBucket 2.8.3 - Remote Code Execution"webappsphp"Meisam Monsef"
2017-08-02"Entrepreneur B2B Script - 'pid' SQL Injection"webappsphp"Meisam Monsef"
2016-07-19"NewsP Free News Script 1.4.7 - User Credentials Disclosure"webappsphp"Meisam Monsef"
2016-07-19" PHP Calendar Script 1.0 - User Credentials Disclosure"webappsphp"Meisam Monsef"
2016-07-08"PHP Real Estate Script 3 - Arbitrary File Disclosure"webappsphp"Meisam Monsef"
2016-06-23"Alibaba Clone B2B Script - Arbitrary File Disclosure"webappsphp"Meisam Monsef"
2016-05-30"Open Source Real Estate Script 3.6.0 - SQL Injection"webappsphp"Meisam Monsef"
2016-05-27"PHP Realestate Script Script 4.9.0 - SQL Injection"webappsphp"Meisam Monsef"
2016-05-04"Alibaba Clone B2B Script - Admin Authentication Bypass"webappsphp"Meisam Monsef"
2015-09-02"SphereFTP Server 2.0 - Crash (PoC)"doswindows"Meisam Monsef"
2015-08-15"Security IP Camera Star Vision DVR - Authentication Bypass"webappshardware"Meisam Monsef"
2015-08-07"PHP News Script 4.0.0 - SQL Injection"webappsphp"Meisam Monsef"
import requests
response = requests.get('')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.