exploitdb
WORKING POC
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33304
The exploit demonstrates XSS vulnerabilities in OpenDocMan by injecting JavaScript via unsanitized user input in the URL. It also references an SQL injection vulnerability, though no direct SQLi payload is provided.
Classification
Working Poc 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the target application URL
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33305
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, including a sample XSS payload. It lacks executable exploit code but details the vulnerability and potential impact.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable OpenDocMan instance
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/9903
The document describes an authentication bypass and multiple XSS vulnerabilities in OpenDocMan v1.2.5. It includes proof-of-concept examples for SQL injection-based authentication bypass and various XSS payloads.
Classification
Writeup 100%
Attack Type
Auth Bypass | Xss
Target:
OpenDocMan v1.2.5
No auth needed
Prerequisites:
valid username (default: 'admin')
exploitdb
WORKING POC
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33300
The exploit demonstrates an XSS vulnerability in OpenDocMan by injecting a script tag into the URL. It also includes a base64-encoded payload suggesting potential SQL injection, though the primary focus is on XSS.
Classification
Working Poc 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable OpenDocMan instance
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33301
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. No functional exploit code is included.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable application
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33302
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. It lacks executable exploit code but outlines the vulnerability and potential impact.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable endpoint
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33303
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. It lacks executable exploit code but outlines the vulnerability and potential impact.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the search.php endpoint
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33296
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with example URLs demonstrating the XSS exploit. No actual exploit code is present.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable OpenDocMan instance
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33295
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. It lacks executable exploit code but provides technical details and an attack vector.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable OpenDocMan instance
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33298
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. No functional exploit code is included.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the vulnerable application URL
exploitdb
WORKING POC
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33299
This exploit demonstrates an XSS vulnerability in OpenDocMan 1.2.5 by injecting a script tag into the URL, which executes arbitrary JavaScript in the context of the user's session. The vulnerability arises from insufficient sanitization of user-supplied input in the category.php file.
Classification
Working Poc 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the target application's URL
exploitdb
WRITEUP
VERIFIED
by Amol Naik · textwebappsphp
https://www.exploit-db.com/exploits/33297
The provided text describes an SQL injection and XSS vulnerability in OpenDocMan 1.2.5, with an example XSS payload. It lacks executable exploit code but provides technical details and a proof-of-concept URL for XSS.
Classification
Writeup 90%
Target:
OpenDocMan 1.2.5
No auth needed
Prerequisites:
Access to the target application URL