sospiro@home:~$

Blog Posts

  • InstantCMS 2.16.1 Cross Site Scripting

    Exploit Title: InstantCMS - Store XSS
    Application: InstantCMS
    Version: v2.16.1
    Bugs: Stored XSS
    Technology: PHP
    Vendor Homepage: https://instantcms.ru/
    Software Link: https://instantcms.ru/get
    Date: 14.09.2023
    Author: SoSPiro
    Tested on: Windows
    Description: I noticed that you filtered the filter very carefully. But there are still some parts you missed.
    POC: Login with admin...

  • Online-Library-Management-System-3-Password-Reset

    Exploit Title: Online Library Management System v3 - Password Reset and Email Matching Vulnerability
    Date: 12.09.2023
    Exploit Author: SoSPiro
    Vendor Homepage: https://phpgurukul.com/
    Software Link: https://phpgurukul.com/online-library-management-system/
    Version: v3
    Tested on: Windows 10 Pro 64 Bit + Wampserver V3.3
    CVE: N/A
    Description: This report outlines a security vulnerability present in the web...

  • Bank Locker Management System SQL Injection

    Exploit Title: Bank Locker Management System - SQL Injection
    Application: Bank Locker Management System
    Date: 12.09.2023
    Bugs: SQL Injection
    Exploit Author: SoSPiro
    Vendor Homepage: https://phpgurukul.com/
    Software Link: https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/
    Tested on: Windows 10 64 bit Wampserver
    Description: This report highlights a critical SQL Injection vulnerability discovered in the “Bank Locker Management...