#Exploit Title: October CMS v3.4.4 – Stored Cross-Site Scripting (XSS) (Authenticated) #Date: 29 June 2023 #Exploit Author: Okan Kurtulus #Vendor Homepage: https://octobercms.com #Version: v3.4.4 #Tested on: Ubuntu 22.04 #CVE: 2023-37692 #Proof of Concept: 1-) Install the system through the website […]
#Exploit Title: CMS Made Simple v2.2.17 – Stored Cross-Site Scripting (XSS) (Authenticated) #Date: 25 June 2023 #Exploit Author: Okan Kurtulus #Vendor Homepage: https://www.cmsmadesimple.org #Version: 2.2.17 #Tested on: Ubuntu 18.04 #CVE: 2023-36970 #Proof of Concept: 1-) Install the system through the […]
#Exploit Title: CMS Made Simple v2.2.17 – File Upload Remote Code Execution (Authenticated) #Date: 25 June 2023 #Exploit Author: Okan Kurtulus #Vendor Homepage: https://www.cmsmadesimple.org/ #Version: 2.2.17 #Tested on: Ubuntu 18.0.4 #CVE: 2023-36969 #Proof of Concept: 1-) Install the system through […]
#Exploit Title: Food Ordering System v1.0 – Authenticated SQL Injection #Date: 19 June 2023 #Exploit Author: Okan Kurtulus #Vendor Homepage: https://github.com/haxxorsid/food-ordering-system #Version: 1.0 #Tested on: Windows 11 #CVE: 2023-36968 #Affected Parameter: id #Proof of Concept: 1-) Install Food Ordering System […]
