Th3 Hidd3n 0n3 – With knowledge we flourish

CVE-2020-23763 SQL injection leading to Authentication bypass in “Online Book Store 1.0”

April 9, 2021 admin Leave a comment

1) Go to the site developed with “Online Book Store 1.0”2) click on “admin login” found on the bottom of…

Continue Reading →

CVE-2020-23762 Stored XSS vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress

admin Leave a comment

1) install Larsens Calender version 1.2 2) goto “kalender” and click “Eintrage hinzufugen” and add xss payload on the “Titel”…

Continue Reading →

CVE-2020-23761 Stored XSS vulnerability in subrion CMS Version <= 4.2.1

admin Leave a comment

1) install subrion CMS version (4.2.1) 2) login into admin acccount 3) go to Financial tab and click on transactions…

Continue Reading →

CVE-2020-15020 Stored XSS on Elementor WordPress plugin

July 7, 2020 admin Leave a comment

1) Install elementor wordpress plugin 2) Go to templates tab 3) click add new, and select page or section 4)…

Continue Reading →

CVE-2020-13888 Kordil EDMS through 2.2.60rc3 allows stored XSS

June 17, 2020 admin Leave a comment

1) Browse through the Kordil EDMS application 2) Update the Home address field present under the user management tab with…

Continue Reading →

CVE-2020-13887 Kordil EDMS through 2.2.60rc3 allows Remote Command Execution

admin Leave a comment

1) Login to the Kordil EDMS application and go to documents and add a document, like how will u add…

Continue Reading →

Copyright © 2021 Th3 Hidd3n 0n3