exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Calvin Phang

flatCore CMS XSS / File Disclosure / SQL Injection

Posted Jan 13, 2021

Authored by Calvin Phang, Yew Chung Cheah | Site sec-consult.com

flatCore CMS versions prior to 2.0.0 build 139 suffer from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection

advisories | CVE-2021-23835, CVE-2021-23836, CVE-2021-23837, CVE-2021-23838

SHA-256 | 7004bfa666eb6af03dc29eadbe529eafb7fe5a6be9ff5748f6c735dfd6916202

Download | Favorite | View

SevOne Network Management System 5.7.2.22 SQL Injection / Command Injection

Posted Oct 2, 2020

Authored by Calvin Phang | Site sec-consult.com

SevOne Network Management System version 5.7.2.22 suffers from command injection, CSV formula injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection

SHA-256 | 24e87adbd89e7edce3cf95cf9e71c78997abb8447a837d4e46b32402d1147531

Download | Favorite | View

WonderCMS 3.1.0 XSS / Directory Traversal / File Upload

Posted Jul 17, 2020

Authored by Calvin Phang | Site sec-consult.com

WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.

tags | advisory, vulnerability, xss, file upload

SHA-256 | c8f9cd68ea4db3c53c6e6bf260ab07eced2819f903c6aa21f0fb40a29486efcf

Download | Favorite | View