The exploit details multiple vulnerabilities in Orangescrum 1.6.1, including arbitrary file upload, SQL injection, stored XSS, and arbitrary file copy. It provides clear steps and examples for exploitation, including code snippets for SQL injection and XSS.
Classification
Working Poc 90%
Attack Type
Sqli | Xss | Other
Complexity
Trivial
Reliability
Reliable
Target:Orangescrum 1.6.1
Auth required
Prerequisites:Valid credentials for Orangescrum 1.6.1 · Access to the target application