Skip to content
Life will find its way out
Branch: master
Clone or download
Latest commit 0db3dbd Feb 12, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
AVAYA Scopia Desktop
DbNinja Add files via upload Feb 1, 2019
Guriddo Form PHP
KindEditor Update readme.md Jan 31, 2019
MyWebSQL
PHP-Proxy Update _crack-PHP-Proxy.php Nov 30, 2018
PHPMyWind
SIDU Update readme.md Feb 1, 2019
webERP SQLI-1
webERP SQLI-2
README.md

README.md

Architecture

These exploit of CVEs is together with my colleagues.

CVE ID Attack Vector Product Reference
CVE-2019-7748 Broken Authentication DbNinja [1][2]
CVE-2019-7747 Broken Authentication DbNinja [1][2]
CVE-2019-7731 Remote Code Execution (RCE) MyWebSQL [1][2]
CVE-2019-7730 Cross-site request forgery (CSRF) MyWebSQL [1][2]
CVE-2019-7661 (Wait for Published) N/A PHPMyWind [1][2]
CVE-2019-7660 (Wait for Published) N/A PHPMyWind [1][2]
CVE-2019-7547 XSS SIDU [1][2]
CVE-2019-7546 XSS SIDU [1][2]
CVE-2019-7545 XSS DjNinja [1][2]
CVE-2019-7544 XSS MyWebSQL [1][2]
CVE-2019-7543 XSS KindEditor [1][2]
CVE-2019-7316 SQL Injection Chat2 [1][2]
Negotiations Other Apple Webkit [1][2]
CVE-2019-6999 (Mid-2019 Publish) XSS AVAYA Scopia Desktop [1][2]
CVE-2019-6998 (Mid-2019 Publish) XFS AVAYA Scopia Desktop [1][2]
CVE-2019-6798 SQL Injection phpMyAdmin [1][2]
CVE-2018-19970 Cross-Site Scripting (XSS) phpMyAdmin [1][2]
CVE-2018-19785 Cross-Site Scripting (XSS) PHP-Proxy [1][2]
CVE-2018-19784 Sensitive Data Exposure PHP-Proxy [1][2]
CVE-2018-20420 Incorrect Access Control webERP [1][2]
CVE-2018-19436 SQL Injection-3 webERP [1][2]
CVE-2018-19435 SQL Injection-2 webERP [1][2]
CVE-2018-19434 SQL Injection-1 webERP [1][2]
CVE-2018-19340 XSS Guriddo Form PHP [1][2]
CVE-2018-18950 Directory Traversal KindEditor [1][2]
You can’t perform that action at this time.