Vulnerability Research and Exploit Development

[11-22-2018] – Cory Support v1.0 – Time-Based SQL Injection in “signin.php”

[08-01-2012] – Tekno.Portal v0.1b – Blind SQL Injection in “link.php”

[07-25-2012] – Tekno.Portal v0.1b – SQL Injection Vulnerability in “anket.php”

[11-09-2018] – PeepSo v1.11.2 – Time-Based SQL Injection

[12-04-2018] – Hasan MWB v1.0 – Multiple Time-Based SQL Injections

[11-09-2018] – PeepSo v1.11.2 – XSS Vulnerability in “Members”

[09-25-2018] – Tekno.Portal v0.1b – Cross-Site Scripting Vulnerability in “link.php”

[10-03-2018] – Pie Register v3.0.15 – Cross-Site Scripting Vulnerability in “Login”

[10-19-2018] – Pie Register v3.0.17 – XSS Vulnerability in “Forgot-Password”

[10-22-2018] – Question Answer v1.2.30 – Multiple XSS Vulnerabilities

[11-13-2018] – Custom Registration Form v1.01 – Multiple XSS Vulnerabilities

[08-23-2009] – Remote Buffer Overflow Exploit on TFTPDWIN v0.4.2 (Open Port)

[07-20-2009] – Remote Buffer Overflow Exploit on HTTP Xitami v2.5c2 (calc.exe)

[11-16-2008] – Remote Buffer Overflow Exploit on HTTP Xitami v2.5c2 (DoS)

[04-25-2008] – Remote Buffer Overflow Exploit on AT-TFTP v1.9 (DoS)

[05-16-2020] – Remote Denial of Service Vulnerabilities (Proof of Concept)

Author: Alvaro J. Gene (Socket_0x03)