ample
-
Authored by indoushka AMPLE BILLS version 1.0 suffers from a cross site scripting vulnerability. =============================================================================================================================================| # Title : AMPLE BILLS v1.0 XSS Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) || # Vendor : https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html |=============================================================================================================================================poc :[+] Dorking İn Google Or…
-
=============================================================================================================================================| # Title : AMPLE BILLS v1.0 Administrative Page Disclosure Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) || # Vendor : https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html |=============================================================================================================================================
-
Authored by nu11secur1ty AMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability. ## Title: AMPLE BILLS 0.1 Multiple-SQLi## Author: nu11secur1ty## Date: 04/13/2024## Vendor: https://www.mayurik.com/## Software: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html## Reference: https://portswigger.net/web-security/sql-injection## Description:The customer parameter (#1*) appears to be vulnerable to SQL injectionattacks. The payload (select*from(select(sleep(20)))a) was submittedin the customer parameter. The application took 20017 milliseconds torespond…