Astra Linux - уязвимость в apache2

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...

EUVD-2022-32782

Malicious code in bioql PyPI...

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

Apache 2.4.x < 2.4.54 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.54 advisory. - Denial of Service modsed: If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the...

Client Details System 1.0 SQL Injection

Exploit Title: CVE-2023-7137ClientDetailsSystem-SQLInjection1 + Date: 2023-26-12 + Exploit Author: Hamdi Sevben + Vendor Homepage: https://code-projects.org/client-details-system-in-php-with-source-code/ + Software Link:...

BIT-APACHE-2022-26377 mod_proxy_ajp: Possible request smuggling

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...

BIT-APACHE-2022-30522 mod_sed denial of service

If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the input to modsed may be very large, modsed may make excessively large memory allocations and trigger an abort...

BIT-APACHE-2022-30556 Information Disclosure in mod_lua with websockets

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

CentOS 9 : httpd-2.4.53-11.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the httpd-2.4.53-11.el9 build changelog. - out-of-bounds read/write of zero byte CVE-2006-20001 - Possible request smuggling CVE-2022-36760 - HTTP response splitting CVE-2022-37436...

The ap_rwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...

Bludit CMS 3.14.1 Cross Site Scripting Vulnerability

Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/releases/tag/3.14.1 Version: 3.14.1 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE:...

Bang Resto v1.0 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip Version: 1.0 Tested on...

Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...

Bang Resto 1.0 Cross Site Scripting

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...

Bang Resto 1.0 SQL Injection

Exploit Title: Bang Resto v1.0 - 'Multiple' SQL Injection Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip Version: 1.0...

Simple Task Managing System 1.0 SQL Injection

Exploit Title: Simple Task Managing System v1.0 - SQL Injection Unauthenticated Date: 2022-01-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html Software Link:...

Intern Record System v1.0 - SQL Injection (Unauthenticated) Vulnerability

Exploit Title: Intern Record System v1.0 - SQL Injection Unauthenticated Exploit Author: Hamdi Sevben Vendor Homepage: https://code-projects.org/intern-record-system-in-php-with-source-code/ Software Link: https://download-media.code-projects.org/2020/03/InternRecordSystemInPHPWithSourceCode.zip...

Textpattern 4.8.8 Remote Code Execution

Exploit Title: Textpattern 4.8.8 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://textpattern.com/ Version : 4.8.8 Tested on: windows 11 xammp | Kali linux Category: WebApp Google Dork: intext:"Published with Textpattern...

CVE-2009-1890 affecting package httpd 2.4.53-1

CVE-2009-1890 affecting package httpd 2.4.53-1. This CVE either no longer is or was never applicable...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2685)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...