Web Exploitation
Websites all around the world are programmed using various programming languages. While there are specific vulnerabilities in each programming language that the developer should be aware of, there are issues fundamental to the internet that can show up regardless of the chosen language or framework. We have shown these vulnerabilities as web security challenges where the user needs to exploit a bug to gain some kind of higher level privilege.
WEBEXP
LimeSurvey 3.17.13 - Cross-Site Scripting
WEBEXP
Surreal todo 0.6.1.2 - local file inclusion
WEBEXP
Blogtorrent 0.92 - remote password disclosure
WEBEXP
Devalcms 1.4a
WEBEXP
Adaptcms lite 1.3 - blind sql injection
WEBEXP
VVhizzy cms 10.02 - local file inclusion
WEBEXP
Slash cms sql
WEBEXP
Bloofoxcms 0.3.5 - information disclousre
WEBEXP
Slash cms cross site scripting
WEBEXP
Faculty evalution system 1.0
WEBEXP
Task management system 1.0
WEBEXP
Online bus ticket reservation 1.0 - sql injection
WEBEXP
Php-fusion 9.03.50 - arbitary file upload
WEBEXP
Online job portal - sql injection
WEBEXP
Remote Security bypass
WEBEXP
Online healthcare management system 1.0 - authentication bypass
WEBEXP
Almuni management system 1.0 - authentication bypass
WEBEXP
Zoo management system 1.0 - authentication bypass
WEBEXP
Company visitor management system (cvms) 1.0 - authentication
WEBEXP
Multi resturant table reservation system 1.0 - table _id
WEBEXP
Water billing system 1.0 - username and password parameters sql
WEBEXP
Customer support system 1.0 - description stored xss in the admin
WEBEXP
Php power browser 1.2 - directory traversal
WEBEXP
Arbitrary file upload vulnerability
WEBEXP
Dairy farm shop management system 1.0 - username sql injection
WEBEXP
Online discussion forum site 1.0 - remote code execution
WEBEXP
Gpeasy 2.3.3 - cross-site scripting
WEBEXP
Online healthcare management system 1.0 - authentication bypass
WEBEXP
Alumni management system 1.0 - authentication bypass
WEBEXP
Zoo management system 1.0 - authentication bypass
WEBEXP
Company visitor management system (cvms) 1.0 - authentication
WEBEXP
Multi restaurant table reservation system 1.0-table_id
WEBEXP
Water billing system 1.0 - username and password parameters sql
WEBEXP
Customer support system 1.0 - description stored xss in the admin
WEBEXP
Php power browse 1.2 - directory traversal
WEBEXP
Arbitrary file upload vulnerability
WEBEXP
Dairy farm shop management system 1.0 - username sq' injection
WEBEXP
Online discussion forum site 1.0 - rernote code execution
WEBEXP
Gpeasy 2.3.3 - cross-site scripting
WEBEXP
Wonder cms 2.3.1 - unrestricted file
WEBEXP
Gpeasy cms - cross-site scripting
WEBEXP
Gl-sh deaf forum 6.4.4 - cross site scripting
WEBEXP
Gl-sh deaf forum 6.4.4 - local file inclusion
WEBEXP
Online scheduling system 1.0 - authentication bypass
WEBEXP
Simple online hotel reservation system - sql injection
WEBEXP
Beauty parlour management system 1.0 - authentication bypass
WEBEXP
Fantastic blog cms 1.0 - id sql injection
WEBEXP
Ruby rails cve-2019-M18
WEBEXP
Appweb cve-2018-8715
WEBEXP
Phpmailer cve-2017-5223
WEBEXP
Php cve-2012-1823
Web Exploitation
Websites all around the world are programmed using various programming languages. While there are specific vulnerabilities in each programming language that the developer should be aware of, there are issues fundamental to the internet that can show up regardless of the chosen language or framework. We have shown these vulnerabilities as web security challenges where the user needs to exploit a bug to gain some kind of higher level privilege.
WEBEXP
LimeSurvey 3.17.13 - Cross-Site Scripting
WEBEXP
Surreal todo 0.6.1.2 - local file inclusion
WEBEXP
Blogtorrent 0.92 - remote password disclosure
WEBEXP
Devalcms 1.4a
WEBEXP
Adaptcms lite 1.3 - blind sql injection
WEBEXP
VVhizzy cms 10.02 - local file inclusion
WEBEXP
Slash cms sql
WEBEXP
Bloofoxcms 0.3.5 - information disclousre
WEBEXP
Slash cms cross site scripting
WEBEXP
Faculty evalution system 1.0
WEBEXP
Task management system 1.0
WEBEXP
Online bus ticket reservation 1.0 - sql injection
WEBEXP
Php-fusion 9.03.50 - arbitary file upload
WEBEXP
Online job portal - sql injection
WEBEXP
Remote Security bypass
WEBEXP
Online healthcare management system 1.0 - authentication bypass
WEBEXP
Almuni management system 1.0 - authentication bypass
WEBEXP
Zoo management system 1.0 - authentication bypass
WEBEXP
Company visitor management system (cvms) 1.0 - authentication
WEBEXP
Multi resturant table reservation system 1.0 - table _id
WEBEXP
Water billing system 1.0 - username and password parameters sql
WEBEXP
Customer support system 1.0 - description stored xss in the admin
WEBEXP
Php power browser 1.2 - directory traversal
WEBEXP
Arbitrary file upload vulnerability
WEBEXP
Dairy farm shop management system 1.0 - username sql injection
WEBEXP
Online discussion forum site 1.0 - remote code execution
WEBEXP
Gpeasy 2.3.3 - cross-site scripting
WEBEXP
Online healthcare management system 1.0 - authentication bypass
WEBEXP
Alumni management system 1.0 - authentication bypass
WEBEXP
Zoo management system 1.0 - authentication bypass
WEBEXP
Company visitor management system (cvms) 1.0 - authentication
WEBEXP
Multi restaurant table reservation system 1.0-table_id
WEBEXP
Water billing system 1.0 - username and password parameters sql
WEBEXP
Customer support system 1.0 - description stored xss in the admin
WEBEXP
Php power browse 1.2 - directory traversal
WEBEXP
Arbitrary file upload vulnerability
WEBEXP
Dairy farm shop management system 1.0 - username sq' injection
WEBEXP
Online discussion forum site 1.0 - rernote code execution
WEBEXP
Gpeasy 2.3.3 - cross-site scripting
WEBEXP
Wonder cms 2.3.1 - unrestricted file
WEBEXP
Gpeasy cms - cross-site scripting
WEBEXP
Gl-sh deaf forum 6.4.4 - cross site scripting
WEBEXP
Gl-sh deaf forum 6.4.4 - local file inclusion
WEBEXP
Online scheduling system 1.0 - authentication bypass
WEBEXP
Simple online hotel reservation system - sql injection
WEBEXP
Beauty parlour management system 1.0 - authentication bypass
WEBEXP
Fantastic blog cms 1.0 - id sql injection
WEBEXP
Ruby rails cve-2019-M18
WEBEXP
Appweb cve-2018-8715
WEBEXP
Phpmailer cve-2017-5223
WEBEXP
