Th3 Hidd3n 0n3

With knowledge we flourish

CVE-2020-23763 SQL injection leading to Authentication bypass in “Online Book Store 1.0”

April 9, 2021 admin

1) Go to the site developed with “Online Book Store 1.0” 2) Click on “admin login” found on the bottom of…

CVE-2020-23762 Stored XSS vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress

admin

1) Install Larsens Calender version 1.2 2) Go to “kalender”, click “Eintrage hinzufugen” and add an XSS payload in the “Titel”…

CVE-2020-23761 Stored XSS vulnerability in subrion CMS Version <= 4.2.1

admin

1) Install Subrion CMS version 4.2.1 2) Log in to the admin account 3) Go to the Financial tab and click on transactions…

CVE-2020-15020 Stored XSS on Elementor WordPress plugin

July 7, 2020 admin

1) Install the Elementor WordPress plugin 2) Go to the templates tab 3) Click add new, and select page or section 4)…

CVE-2020-13888 Kordil EDMS through 2.2.60rc3 allows stored XSS

June 17, 2020 admin

1) Browse through the Kordil EDMS application 2) Update the Home address field present under the user management tab with…

CVE-2020-13887 Kordil EDMS through 2.2.60rc3 allows Remote Command Execution

admin

1) Log in to the Kordil EDMS application, go to documents and add a document, like how will you add…

Copyright © 2022 Th3 Hidd3n 0n3