Responsive Online Blog 1.0 SQL Injection
Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Date: 2020-06-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...
Responsive Online Blog 1.0 - 'id' SQL Injection
Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Date: 2020-06-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...
Bot Mafias Have Wreaked Havoc in 'World of Warcraft Classic'
Blizzard has suspended or closed over 74,000 accounts in the last month, as bots have upended the game's economy...
Rails -- permission vulnerability
Ruby on Rails blog: Rails 6.0.3.2 has been released! This version of Rails contains an important security patch, and you should upgrade! The release contains only one patch that addresses CVE-2020-8185...
XSS Vulnerability in My-Blog-layui
My-Blog-layui is a Java blog system built with SpringBoot, Layui, Mybatis, Thymeleaf and other technologies. My-Blog-layui has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...
Quick Player 1.3 - '.m3l' Buffer Overflow (Unicode & SEH)
Exploit Title: Quick Player 1.3 - '.m3l' Buffer Overflow Unicode & SEH Date: 2020-06-05 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof of Concept: 1.- Run the python script "poc.py", it will create a new...
Quick Player 1.3 - Denial Of Service
Quick Player version 1.3 suffers from a denial of service vulnerability. Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service Date: 06/05/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof ...
retaildesignblog.net Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1185253 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
bang-blog-forum.2290712.n4.nabble.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1184953 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Quick Player 1.3 Denial Of Service
Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service Date: 06/05/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof of Concept: 1.- Run the python script "poc.py", it will create a new file...
File upload vulnerability exists in uublog (CNVD-2020-42034)
uublog is a lightweight PHP blog system source code developed in PHP + MySQL. uublog has a file upload vulnerability that can be exploited by attackers to gain server privileges...
XSS Vulnerability in Blog-System Personal Blog System
The Blog-System personal blog system is built with Spring, Spring MVC, Mybatis and Maven. The Blog-System personal blog system has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...
Unauthorized Access Vulnerability in Blog-System Personal Blog System Backend
The Blog-System personal blog system is built with Spring, Spring MVC, Mybatis and Maven. The backend of the Blog-System personal blog system has an unauthorized access vulnerability; attackers can use the vulnerability to directly access the system's backend functional pages...
blog.uniterre.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1182864 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
XSS Vulnerability at jfinal cms publishing blog posts
jfinal cms is a powerful information and consulting website system developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, mysql as the database, and bootstrap as the front-end framework. jfinal cms has an XSS vulnerability in its blog post publishing function; attackers...
ZrLog is vulnerable to XSS
ZrLog is a blog/CMS program developed in Java. ZrLog suffers from an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...
SQL Injection Vulnerability in Li Lei's Blog
Li Lei Blog is an open source PHP blog management system. Li Lei Blog has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
Li Lei's blog suffers from SQL injection vulnerability (CNVD-2020-32567)
Li Lei Blog is an open source PHP blog management system. Li Lei Blog has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
Now's The Perfect Time to Start Using a Password Manager
Time has no meaning, and we're all stuck in front of screens. You may as well secure your life while you're always online...
Fake supreme court subpoena phishing scam steals Office 365 credentials
By Sudais Asif. The new phishing scams redirect users multiple times and also use CAPTCHA before stealing credentials. This is a post from HackRead.com. Read the original post: Fake supreme court subpoena phishing scam steals Office 365 credentials...