Skip to content

OhmGun/My-Exploits

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

60 Commits
 
 

Repository files navigation

🪐 My Exploits 🪐

This repository is a curated collection of my exploits and security research. Below is a comprehensive list of various vulnerabilities I have discovered or explored in different CMSs and software.

:atom: Exploits List :atom:

1. PopojiCMS 2.0.1 Remote Command Execution (RCE)

2. Lepton CMS 7.0.0 Remote Code Execution (RCE)

3. liveSite 2019.1 Remote Code Execution (RCE)

4. iGalerie 3.0.22 Cross Site Scripting (XSS)

5. PluXml Blog 5.8.9 Remote Code Execution (RCE)

6. Form Tools 3.1.1 Cross Site Scripting (XSS)

7. WebCalendar 1.3.0 Cross Site Scripting (XSS)

8. WhatACart 2.0.7 Cross Site Scripting (XSS)

9. ShopSite 14.0 Cross Site Scripting (XSS)

10. Kopage Website Builder 4.4.15 Cross Site Scripting (XSS)

11. WBCE CMS Version 1.6.1 Remote Command Execution (RCE)

12. Magento 2.4.6 XSLT Server Side Injection (XSLT)

13. MotoCMS Version 3.4.3 - SQL Injection (SQL)

14. Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS)

15. Total CMS 1.7.4 - Remote Code Execution (RCE)

16. MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

17. Unquoted Service Path in Microsoft GamingServicesNet

18. Shell Upload in Total CMS 1.7.4 (RCE)

19. Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS)

20. Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS)

21. Textpattern CMS v4.8.8 - Command Injection (RCE)

22. Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)

23. Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)

24. Office Suite Premium 10.9.1.42602 Cross Site Scripting (XSS)

25. Office Suite Premium 10.9.1.42602 Path Traversal (LFI)

26. Office Suite Premium 10.9.1.42602 Local File Inclusion (LFI)

27. Alkacon OpenCMS 15.0 Cross Site Scripting (XSS)

28. Zip & RAR FileExtractor v5.7 - Reflected XSS

29. Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)

30. Moodle 4.3 Cross Site Scripting (XSS)

31. CSZ CMS 1.3.0 Shell Upload (RCE)

32. PyroCMS 3.0.1 Cross Site Scripting (XSS)

33. CE Phoenix 1.0.8.20 Cross Site Scripting (XSS)

34. CE Phoenix v1.0.8.20 - Remote Code Execution (RCE)

35. Moodle 4.3 Reflected (XSS)

36. Dotclear 2.29 Cross Site Scripting (XSS)

37. SitePad 1.8.2 Cross Site Scripting (XSS)

38. CMS Made Simple 2.2.19 Remote Code Execution (RCE)

39. CMS Made Simple 2.2.19 Cross Site Scripting (XSS)

40. CMS Made Simple 2.2.19 Server-Side Template Injection (SSTI)

🔆 Disclaimer 🔆

The information and exploits in this repository are provided for educational and research purposes only. The use of this information for attacking targets without prior mutual consent is illegal. The author is not responsible for any misuse of the information provided here.

🌐 Contact 🌐

For any queries or contributions, feel free to reach out. Contact Information

About

My Exploit

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published