932 matches found

Packet Storm
added 2024/08/31 12:0 a.m. · 149 views

MongoDB NoSQL Collection Enumeration Via Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MongoDB NoSQL Collection Enumeration Via Injection", 'Description' = %q This module can exploit NoSQL injections on MongoDB versions less than 2....

7.4 AI score
Exploits: 0
Amazon
added 2024/08/15 12:0 a.m. · 4 views

Medium: python-tqdm

Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version...

4.8 CVSS · 7.9 AI score · 0.00432 EPSS
Exploits: 0
Packet Storm
added 2024/07/30 12:0 a.m. · 231 views

AccPack Cop CMS 1.0 SQL Injection

Title: AccPack Cop CMS v1.0 SQL injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64...

7.4 AI score
Exploits: 0
Positive Technologies
added 2024/07/25 12:0 a.m. · 4 views

PT-2024-27927 · R Hub · R-Hub Turbomeeting

Name of the Vulnerable Software and Affected Versions: R-HUB TurboMeeting versions through 8.x Description: A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint allows unauthenticated remote attackers to extract hashed passwords from the database and authenticate to th...

9.8 CVSS · 8.2 AI score · 0.40874 EPSS
Exploits: 1 · References: 6
VulnCheck KEV
added 2024/07/25 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2021-3018

ipeak Infosystems ibexwebCMS aka IPeakCMS 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page...

9.8 CVSS · 7.4 AI score · 0.19506 EPSS
Exploits: 3 · References: 1
CVE
added 2024/07/25 12:0 a.m. · 82 views

CVE-2024-38289

TurboMeeting (R-HUB) versions through 8.x are affected by a boolean-based SQL injection in the Virtual Meeting Password (VMP) endpoint. The issue allows unauthenticated remote attackers to extract hashed passwords and authenticate via crafted SQL input. Affected software: RHUB TurboMeeting (up to...

9.8 CVSS · 8.4 AI score · 0.40874 EPSS
In wild · Exploits: 1 · References: 2 · Affected Software: 1
Veracode
added 2024/07/15 7:24 a.m. · 15 views

SQL Injection

github.com/openclarity/kubeclarity is vulnerable to SQL Injection. The vulnerability is due to manipulating the packageID parameter in the /api/applicationResources endpoint, where the fmt.Sprintf function is used to build the SQL query string without validating the input. It allows an attacker t...

6.5 CVSS · 7.4 AI score · 0.00443 EPSS
Exploits: 0 · References: 4 · Affected Software: 1
Packet Storm
added 2024/07/08 12:0 a.m. · 294 views

WordPress Poll 2.3.6 SQL Injection

Exploit Title: WordPress Poll Plugin SQL Injection Date: 2024-07-06 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://total-soft.com/wp-poll/ Version 2.3.6 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to TS Poll Create Pool Use Theme and...

7.4 AI score
Exploits: 0
0day.today
added 2024/07/02 12:0 a.m. · 172 views

Azon Dominator Affiliate Marketing Script - SQL Injection Vulnerability

Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection Exploit Author: Buğra Enis Dönmez Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script Demo Site: https://azon-dominator.webister.net/ Tested on: Arch Linux CVE: N/A Request POST...

7.4 AI score
Exploits: 0
Positive Technologies
added 2024/06/28 12:0 a.m. · 3 views

PT-2024-33813

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from dml2 core shared mode support and dml core mode support accessing the third element of dummy boolean, which has a size of 2. This results in an OVERRUN when...

5.5 CVSS · 5.5 AI score · 0.00206 EPSS
Exploits: 0
OSSF Malicious Packages
added 2024/06/25 1:45 p.m. · 3 views

Malicious code in act-as_time_as_boolean (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0 · References: 1
OSV
added 2024/05/28 9:16 p.m. · 3 views

CVE-2024-35548

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications...

5.4 CVSS · 5.9 AI score
Exploits: 0 · References: 2
NVD
added 2024/05/28 9:16 p.m. · 8 views

CVE-2024-35548

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications...

5.4 CVSS · 7.4 AI score · 0.00374 EPSS
Exploits: 0 · References: 2
Cvelist
added 2024/05/28 8:25 p.m. · 10 views

CVE-2024-35548

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications...

7.4 AI score · 0.00374 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/05/28 12:0 a.m. · 3 views

MyBatis-Plus Security Vulnerability

MyBatis-Plus is an open source toolkit from Baomidou. A security vulnerability exists in MyBatis-Plus versions prior to 3.5.6, which stems from the presence of a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain database information via Boolean blind injection...

5.4 CVSS · 7.5 AI score · 0.00374 EPSS
Exploits: 0 · References: 4
Packet Storm
added 2024/05/22 12:0 a.m. · 438 views

Chat Bot 1.0 SQL Injection

Titles: Chat Bot - PHP by: oretnom23 v1.0 Multiple SQLi Author: nu11secur1ty Date: 05/22/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...

7.4 AI score
Exploits: 0
Veracode
added 2024/05/21 10:43 a.m. · 12 views

Signature Verification Bypass

onelogin/php-saml is vulnerable to Signature Verification Bypass. The vulnerability is due to implicit boolean conversion of numerical values returned by openssl_verify in PHP, where an error state -1 can be interpreted as a successful signature verification, which results in misinterpretation of...

7 AI score
Exploits: 0
Positive Technologies
added 2024/05/17 12:0 a.m. · 2 views

PT-2024-40229 · Unknown · Php-Saml Toolkit

Name of the Vulnerable Software and Affected Versions: php-saml toolkit affected versions not specified Description: The issue arises from the implicit conversion of numerical values to boolean in PHP, which can lead to an error state being treated as a successful signature verification...

6.9 AI score
Exploits: 0 · References: 4
OSV
added 2024/05/10 11:7 a.m. · 2 views

OESA-2024-1555 python-tqdm security update

tqdm derives from the Arabic word taqaddum which can mean "progress". Instantly make your loops show a smart progress meter - just wrap any iterable with tqdm(iterable), and you are done! Security Fixes: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments...

4.8 CVSS · 7.8 AI score · 0.00432 EPSS
Exploits: 0 · References: 2
SUSE CVE
added 2024/05/04 2:22 a.m. · 1 views

SUSE CVE-2024-34062

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All user...

6.1 CVSS · 8.6 AI score · 0.00432 EPSS
Exploits: 0 · References: 4