Security
Headlines
HeadlinesLatestCVEs

Headline

Human Resource Management System 2024 1.0 Insecure Settings

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#auth#ruby#firefox

Human Resource Management System 2024 1.0 Insecure Settings

Posted Aug 19, 2024

Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | bf20205d0167adcb0c48749ed7a50372cba24a18938ecfb734926b5099542af1

Download | Favorite | View

Human Resource Management System 2024 1.0 Insecure Settings

=============================================================================================================================================| # Title     : Human Resource Management System 2024 v1.0 Insecure Settings Vulnerability                                                  || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  [email protected] & pass = admin#123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

File Tags

  • ActiveX (933)
  • Advisory (86,460)
  • Arbitrary (16,885)
  • BBS (2,859)
  • Bypass (1,867)
  • CGI (1,033)
  • Code Execution (7,823)
  • Conference (691)
  • Cracker (844)
  • CSRF (3,398)
  • DoS (25,094)
  • Encryption (2,389)
  • Exploit (53,232)
  • File Inclusion (4,263)
  • File Upload (996)
  • Firewall (822)
  • Info Disclosure (2,891)
  • Intrusion Detection (916)
  • Java (3,144)
  • JavaScript (898)
  • Kernel (7,223)
  • Local (14,799)
  • Magazine (586)
  • Overflow (13,172)
  • Perl (1,435)
  • PHP (5,225)
  • Proof of Concept (2,394)
  • Protocol (3,727)
  • Python (1,646)
  • Remote (31,673)
  • Root (3,638)
  • Rootkit (527)
  • Ruby (632)
  • Scanner (1,657)
  • Security Tool (8,029)
  • Shell (3,277)
  • Shellcode (1,217)
  • Sniffer (902)
  • Spoof (2,278)
  • SQL Injection (16,614)
  • TCP (2,441)
  • Trojan (690)
  • UDP (904)
  • Virus (670)
  • Vulnerability (33,004)
  • Web (9,968)
  • Whitepaper (3,782)
  • x86 (967)
  • XSS (18,259)
  • Other

File Archives

  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • Older

Systems

  • AIX (429)
  • Apple (2,099)
  • BSD (377)
  • CentOS (58)
  • Cisco (1,927)
  • Debian (7,101)
  • Fedora (1,693)
  • FreeBSD (1,246)
  • Gentoo (4,567)
  • HPUX (880)
  • iOS (378)
  • iPhone (108)
  • IRIX (220)
  • Juniper (69)
  • Linux (50,815)
  • Mac OS X (691)
  • Mandriva (3,105)
  • NetBSD (256)
  • OpenBSD (489)
  • RedHat (16,569)
  • Slackware (941)
  • Solaris (1,611)
  • SUSE (1,444)
  • Ubuntu (9,756)
  • UNIX (9,438)
  • UnixWare (187)
  • Windows (6,674)
  • Other

Packet Storm: Latest News

Ivanti EPM Agent Portal Command Execution