0xPablitoClinic Management System 1.0 — SQL injection bypass to Remote Code ExecutionThe purpose of the Free Project Source Codeentitled “CLINIC MANAGEMENT SYSTEM” is to computerize the Front Office Management of Hospital…Oct 21, 2021Oct 21, 2021
0xPablitoCVE-2019-20191-Oxygen XML Editor 21.1.1 allows XXEOxygen XML Editor is the best XML editor available and provides a comprehensive suite of XML authoring and development tools. It is…Mar 14, 2020Mar 14, 2020
0xPablitoCVE-2019–20184 KeePass — 2.4.1 — CSV InjectionCSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program…Jan 6, 2020Jan 6, 2020
0xPablitoCVE-2019–20183 Employee Records System — Bypass File Upload to RCEThis is a simple project created with PHP, MYSQL and jQuery that stores employee’s personal information including their Image and any…Jan 6, 20201Jan 6, 20201
0xPablitoCVE-2019–20180 TABLEPRESS — VERSION 1.9.2- CSV InjectionCSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program…Jan 2, 2020Jan 2, 2020
0xPablitoCVE-2019-20179 SO Planning 1.45-SQL injectionSO Planning is a Simple Online Planning tool. Allows you to plan working periods for each person of your team, in a visual / printable…Jan 2, 2020Jan 2, 2020
0xPablitoCVE-2019-20178 PEEL Shopping : eCommerce shopping cart — 9.2.1— Cross-Site Request ForgeryCross-Site Request Forgery (CSRF) vulnerabilities found in PEEL Shopping : eCommerce shopping cart 9.2.1 allow a malicious user to perform…Jan 2, 2020Jan 2, 2020
0xPablitoCVE-2019–14344 — TemaTres 3.0 — Cross-site scripting reflected (XSS)TemaTres: controlled vocabulary server 3.0 — XSSDec 9, 2019Dec 9, 2019
0xPablitoCVE-2019–14347 Adive Framework 2.0.7 — Elevate Privileges👨🏼💻Discovered by Pablo Santiago.Nov 16, 2019Nov 16, 2019
0xPablitoCVE-2019–14346 Adive Framework 2.0.7 — Cross-Site Request ForgeryCross-Site Request Forgery (CSRF) vulnerabilities found in Adive Framework 2.0.7 allow a malicious user to perform actions such as…Nov 16, 2019Nov 16, 2019