what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 16 of 16

Files from Javier Olmedo

Event Registration System With QR Code 1.0 Shell Upload

Posted Jul 28, 2021

Authored by Javier Olmedo

Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, bypass

SHA-256 | fc40291e7f367fc138282d091bd129a8e4f3f89060b16b7bf82ad2b4becc1492

Download | Favorite | View

Joplin Desktop 1.0.184 Cross Site Scripting

Posted Mar 2, 2020

Authored by Javier Olmedo

Joplin Desktop version 1.0.184 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2020-9038

SHA-256 | 16c6f4ff1e49361394b17004119f92616b072979bdd28dd5f1b0c7ebba35ae49

Download | Favorite | View

XMLBlueprint 16.191112 XML Injection

Posted Jan 29, 2020

Authored by Javier Olmedo

XMLBlueprint version 16.191112 suffers from an XML external entity injection vulnerability.

tags | exploit

advisories | CVE-2019-19032

SHA-256 | 578c695a7bac94cbba188e7993ccad84842dd53c1c84168f5daa5d9ce64b42f6

Download | Favorite | View

Easy XML Editor 1.7.8 XML Injection

Posted Jan 20, 2020

Authored by Javier Olmedo

Easy XML Editor version 1.7.8 suffers from an XML external entity injection vulnerability.

tags | exploit

advisories | CVE-2019-19031

SHA-256 | 4753d87c7b3d65ef94e40afc90803be61775b1d49de50248e6006eaa9166836d

Download | Favorite | View

WordPress Import Export WordPress Users 1.3.1 CSV Injection

Posted Aug 23, 2019

Authored by Javier Olmedo

WordPress Import Export WordPress Users plugin version 1.3.1 suffers from a CSV injection vulnerability.

tags | exploit

advisories | CVE-2019-15092

SHA-256 | 2eb7970101409491db20486c52214cd1254e4bdb419a711ba6b82115810d9f67

Download | Favorite | View

Rukovoditel ERP And CRM 2.4.1 Cross Site Scripting

Posted Mar 27, 2019

Authored by Javier Olmedo

Rukovoditel ERP and CRM version 2.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2019-7400

SHA-256 | 12f62dc9fcfbd0ced37ff58e790b178d0c1a515acb1d918c4ae0168f2cc9a699

Download | Favorite | View

Integria IMS 5.0.83 Cross Site Scripting

Posted Dec 19, 2018

Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-19828

SHA-256 | f5770dc8399dab6df8212ba01ad2c7655b3fbc8bf3d3f91de4d8036c00042f20

Download | Favorite | View

Integria IMS 5.0.83 Cross Site Request Forgery

Posted Dec 19, 2018

Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2018-19829

SHA-256 | 494dc73a5483a3b5258fb7d29a5efa5434ad403784af2cd871269d10874dfd8e

Download | Favorite | View

PHP Server Monitor 3.3.1 Cross Site Request Forgery

Posted Dec 4, 2018

Authored by Javier Olmedo

PHP Server Monitor version 3.3.1 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf

SHA-256 | d94289a27ecb3b1982a623c3c4d56b22d7b8c406405a0a88642bf566b1b57e03

Download | Favorite | View

Ticketly 1.0 SQL Injection

Posted Nov 21, 2018

Authored by Javier Olmedo

Ticketly version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2018-18923

SHA-256 | 7e5a0bf82d71f83ed84aa8ccf6311d9e4e3a9a7120fc8b08839e3bed699c8d7c

Download | Favorite | View

Ticketly 1.0 Cross Site Request Forgery

Posted Nov 20, 2018

Authored by Javier Olmedo

Ticketly version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 735484e28b65b8a20cedc6bbdcd7daaeb7b21e1f2b3e42deede05f8211ad32b9

Download | Favorite | View

Jorani Leave Management System 0.6.5 SQL Injection

Posted Sep 6, 2018

Authored by Javier Olmedo

Jorani Leave Management System version 0.6.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2018-15918

SHA-256 | 47974d826b3ed08e2eaa6f2150d34c2ce21e673acda68c54fdc0ca5aa529ae0e

Download | Favorite | View

Jorani Leave Management System 0.6.5 Cross Site Scripting

Posted Sep 6, 2018

Authored by Javier Olmedo

Jorani Leave Management System version 0.6.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-15917

SHA-256 | 54e2aa00b5032b1aa0b8e795ccc7a6b48a9688e73edfa20ec16db0b59cdd6d4b

Download | Favorite | View

Sentrifugo HRMS 3.2 SQL Injection

Posted Aug 27, 2018

Authored by Javier Olmedo

Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 5de61c8d45187e8f83fe96c9df54d7274c33752049c49ebf1c6e4c841e9afde7

Download | Favorite | View

WordPress Export Users To CSV 1.1.1 CSV Injection

Posted Aug 16, 2018

Authored by Javier Olmedo

WordPress Export Users to CSV plugin version 1.1.1 suffers from a CSV injection vulnerability.

tags | exploit

SHA-256 | b300b31e2bd3c5ffcd8e03ac88eda85de9048362ed027cc29e08a93f254916ef

Download | Favorite | View

WordPress All In One Favicon 4.6 Cross Site Scripting

Posted Jul 19, 2018

Authored by Javier Olmedo

WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-13832

SHA-256 | 0981c4f9c549ca322909202cf2f6c2af66fabbb260e7ca87b4d6c92465148a64

Download | Favorite | View