35 matches found
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
CVE-2024-36597
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the clientid parameter at clientStatus.php...
CVE-2024-36599
A cross-site scripting XSS vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php...
Exploit for SQL Injection in Projectworlds Life_Insurance_Management_System
This is a collection of vulnerability reports from the dachuaner/POC repository. The reports describe various vulnerabilities in different software systems, including: 1. 1Panel面板最新前台RCE漏洞CVE-2024-39911: A remote code execution RCE vulnerability in the 1Panel面板 latest frontend, allowing attackers...
CVE-2024-36599
A cross-site scripting XSS vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php...
CVE-2024-36597
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the clientid parameter at clientStatus.php...
CVE-2024-36597
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the clientid parameter at clientStatus.php...
CVE-2024-36597
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the clientid parameter at clientStatus.php...
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
CVE-2024-36599
A cross-site scripting XSS vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php...
CVE-2024-36599
A cross-site scripting XSS vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php...
CVE-2024-36599
CVE-2024-36599 describes a stored XSS vulnerability in Aegon Life v1.0 where an attacker can inject arbitrary scripts via the name parameter in insertClient.php. Affected software: Aegon Life Life Insurance Management System (v1.0). Root cause: insufficient input validation/output encoding in the...
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
CVE-2024-36598
CVE-2024-36598 affects Aegon Life v1.0. It describes an arbitrary file upload vulnerability that lets attackers upload a crafted PHP file to achieve remote code execution, via image/gif payloads (e.g., GIF89a with PHP code) and insufficient validation in insertClient.php; unauthenticated redirect...
Aegon Life Cross-Site Scripting Vulnerability
Aegon Life is an application from Aegon Life, Inc. A cross-site scripting vulnerability exists in Aegon Life v1.0, which originated from a vulnerability that allows an attacker to execute arbitrary web script or HTML by injecting a crafted payload via the name parameter of insertClient.php...
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
Aegon Life SQL Injection Vulnerability
Aegon Life is an application from Aegon Life. A SQL injection vulnerability exists in Aegon Life v1.0, which originates from a SQL injection vulnerability in the clientid parameter in clientStatus.php...
AEGON LIFE 1.0 SQL Injection
Exploit Title: Life Insurance Management System- SQL injection vulnerability. Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON...
CVE-2024-36599
A cross-site scripting XSS vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...