23 matches found
CVE-2026-54514
A flaw was found in jackson-databind, a library used for processing JSON data. This vulnerability allows a remote attacker to force the application to perform an attacker-chosen DNS Domain Name System query. This occurs when untrusted JSON input containing specific network address information is...
📄 WBCE CMS 1.6.5 LFI / Config Disclosure / Cross Site Scripting
The WBCE CMS frontend loader includes template files without sanitization. This allows local file inclusion, reading configuration files, and persistent cross site scripting via crafted templates. Version 1.6.5 is affected...
VOC++ Business Special Edition Creatiff Original 1.3 Information Disclosure
==================================================================================================================================== | Title : VOC++ Business Special Edition Creatiff Original v1.3 Config Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
Kubernetes: Development Application Credentials + Information Exposed
Issue Description When I browsed through all the JS files on prow.k8s.io I came across a link called /config which contains a configuration disclosure for the development files URL Vulnerabilities https://prow.k8s.io/config Proof On Concept javascript - continuous-integration/travis-ci kubespray:...
File Inclusion Vulnerability in Ocean CMS V6.57 cache.inc.php file
Ocean CMS seacms is a video-on-demand system designed for webmasters with different needs. A file inclusion vulnerability exists in the ocean CMS V6.57 cache.inc.php file. The vulnerability is due to the background modification of the configuration file at the user input is not filtered, the...
Design/Logic Flaw
The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the...
LifeSize Room 5.0.9 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware,...
LifeSize Room 5.0.9 - Multiple Vulnerabilities
LifeSize Room 5.0.9 - Multiple Vulnerabilities Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar...
LifeSize Room 5.0.9 - Multiple Vulnerabilities
Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar very bugs in the WebUI exist and thier support...
LightNEasy sql/no-db <= 2.2.x system Config Disclosure Exploit
No description provided by source. !/usr/bin/perl LightNEasy sql/no-db = 2.2.x system config disclosure exploit by staker ------------------------------ mail: stakerathotmaildotit url: http://www.lightneasy.org ------------------------------ it works with magicquotesgpc=off short explanation:...
D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln
No description provided by source...
Sulata iSoft - 'stream.php' Local File Disclosure
========================================================= Sulata iSoft stream.php Local File Disclosure Exploit ========================================================= Exploit Title : Sulata iSoft developer by Rizwan Azam you look site.com/about.php Date : 10 December 2010 Author : Suddendeath...
Radio istek Configuration Disclosure
turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...
Radio istek scripti 2.5 - Remote Configuration Disclosure
Radio istek scripti 2.5 - Remote Configuration Disclosure turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by? :? kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site :...
Knigman Shop Script Database Config Disclosure
Application Name : Knigman Shop Script Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability Infection : SQL Info Get... Author : Septemb0x Script Down.& WebSite : http://knigman.net/buy.php?tovid=22764 & http://s2.dosya.tc/knigman.zip.html EXPLOIT : http://target/path/config.inc G...
ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln
No description provided by source. ------------------------------------------------- SoftWare Name : ARD-9808 DVR Card Security Camera Passwords View Bug ------------------------------------------------- Author : Septemb0x Web Site : www.ozkanbozkurt.com Procuts Site :...
ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure
------------------------------------------------- SoftWare Name : ARD-9808 DVR Card Security Camera Passwords View Bug ------------------------------------------------- Author : Septemb0x Web Site : www.ozkanbozkurt.com Procuts Site :...
ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln
Exploit for hardware platform in category remote exploits ================================================================== ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln ==================================================================...
LightNEasy sql/no-db <= 2.2.x system Config Disclosure Exploit
Exploit for unknown platform in category web applications ============================================================== LightNEasy sql/no-db new...
phpScribe 0.9 (user.cfg) Remote Config Disclosure Vulnerability
Exploit for unknown platform in category web applications =============================================================== phpScribe 0.9 user.cfg Remote Config Disclosure Vulnerability ===============================================================...