whoissecure/Simple-Subscription-Website-Exploits

whoissecure/Simple-Subscription-Website-Exploits

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Exploits in Simple Subscription Company to dump users and hashes from database.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-26283 ↗	Mar 21, 2022Monday, 21 March 2022, 23:15	9.8 CRITICAL	7.5 HIGH
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVE-2022-26285 ↗	Mar 21, 2022Monday, 21 March 2022, 23:15	9.8 CRITICAL	7.5 HIGH
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.