blog.motride.com Cross Site Scripting vulnerability OBB-2462975
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
An In-Depth Look at ICS Vulnerabilities Part 1
In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS...
Palantir Public: SQL Injection at https://files.palantir.com/ due to CVE-2021-38159
A vulnerability was discovered in an Internet-facing asset files.palantir.com. A proof of concept (POC) was developed and used to validate the finding. The vulnerability was patched and resolved. Blog about this vulnerability published. You can read full detail here:...
CVE-2022-25420
NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CRLF injection. This vulnerability allows attackers to execute arbitrary code via a crafted HTTP request...
CVE-2022-25420
CVE-2022-25420 affects NTT Resonant Incorporated goo blog App Web Application 1.0, with a CRLF injection vulnerability that allows an attacker to execute arbitrary code via a crafted HTTP request. The primary sources confirm this product and vulnerability class, but no remediation or patch detail...
forkcms SQL Injection Vulnerability (CNVD-2022-25983)
forkcms is a CMS application. forkcms version 5.11.1 previously contained a SQL injection vulnerability that stemmed from a lack of validation of externally entered SQL statements in the ids parameter of blog comments. An attacker could use this vulnerability to execute illegal SQL commands t...
goo blog App Injection Vulnerability
The goo blog App is a blog application. A security vulnerability exists in NTT Resonant Incorporated goo blog App Web Application version 1.0 that allows an attacker to execute arbitrary code via a crafted HTTP request...
GHSA-RR8M-29G8-8CGC SQL Injection in Fork CMS
Fork CMS is vulnerable to SQL injection through marking blog comments on bulk as spam in versions prior to 5.11.1...
SQL Injection in Fork CMS
Fork CMS is vulnerable to SQL injection through marking blog comments on bulk as spam in versions prior to 5.11.1...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Linuxfoundation Containerd
PoC for CVE-2022-23648 This is a proof of concept for @fel...
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
Sql injection
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
CVE-2022-1064 SQL injection through marking blog comments on bulk as spam in forkcms/forkcms
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
forkcms SQL Injection Vulnerability
forkcms is a CMS application. forkcms version 5.11.1 previously contained a SQL injection vulnerability that stemmed from a lack of validation of externally entered SQL statements in the ids parameter of blog comments. An attacker could use this vulnerability to execute illegal SQL commands t...
SQL injection through marking blog comments on bulk as spam
Description: the comments ids aren't checked and vulnerable for SQL injection. Proof of Concept...
WordPress miniOrange's Google Authenticator plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress miniOrange's Google Authenticator plugin version 5.5 or earlier is vulnerable to a cross-site request forgery vulnerability that stems from...