Skip to content

Instantly share code, notes, and snippets.

View 0xx7's full-sized avatar

0xx7

View GitHub Profile
@0xx7
0xx7 / gist:be3ffad0f7e76c71f66e69dbacef242b
Last active August 4, 2021 04:25
WebEOC 9.2 Stored Cross-Site-Scripting.txt
# Exploit Title: WebEOC Stored Cross-Site-Scripting <= 9.2
# Date: August/3/2021
# Exploit Author: Abdul Azeez Alaseeri
# Author page: https://www.linkedin.com/in/0xx777/
# Vendor Homepage: https://www.juvare.com/request-a-demo/webeoc/
# CVE-2021-37932
================================================================
# Exploit Title: Accela Civic Platform Cross-Site-Scripting and Open Redirect <= 21.1
# Date: June/9/2021
# Exploit Author: Abdul Azeez Alaseeri
# Author page: https://www.linkedin.com/in/0xx777/
# Vendor Homepage: https://www.accela.com/civic-platform/
# CVE-2021-34370
================================================================
Accela Civic Platform Cross-Site-Scripting <= 21.1
# Exploit Title: Accela Civic Platform Insecure Direct Object References <= 21.1
# Date: June/9/2021
# Exploit Author: Abdul Azeez Alaseeri
# Author page: https://www.linkedin.com/in/0xx777/
# Vendor Homepage: https://www.accela.com/civic-platform/
# CVE-2021-34369
================================================================
Accela Civic Platform Insecure Direct Object References <= 21.1
@0xx7
0xx7 / accela.txt
Last active June 8, 2021 03:26
Accela Civic Platform Cross-Site-Scripting
# Exploit Title: Accela Civic Platform Cross-Site-Scripting <= 21.1
# Date: June/7/2021
# Exploit Author: Abdul Azeez Alaseeri
# Author page: https://www.linkedin.com/in/0xx777/
# Vendor Homepage: https://www.accela.com/civic-platform/
# CVE-2021-33904
================================================================
Accela Civic Platform Cross-Site-Scripting <= 21.1
================================================================
@0xx7
0xx7 / goodlayerslms.txt
Last active September 19, 2021 07:26
Unauthenticated SQL Injection in Good Layers LMS Plugin <= 2.1.4
# Exploit Title: Unauthenticated SQL Injection in Good Layers LMS Plugin <= 2.1.4
# Date: 10/10/2020
# Exploit Author: Abdul Azeez Alaseeri
# Author page: https://www.linkedin.com/in/0xx777/
# Vendor Homepage: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850
# CVE-2020-27481
================================================================
Unauthenticated SQL Injection in Good Layers LMS Plugin <= 2.1.4
================================================================