Lucene search
K

188 matches found

WPVulnDB
WPVulnDB
added 2022/02/21 12:0 a.m.12 views

CommonsBooking < 2.6.8 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the location parameter of the calendardata AJAX action available to unauthenticated users before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection PoC Create an "item" and a "location" via the newly added...

9.8CVSS0.9AI score0.08852EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/02/21 12:0 a.m.139 views

CommonsBooking < 2.6.8 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the location parameter of the calendardata AJAX action available to unauthenticated users before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection Create an "item" and a "location" via the newly added...

9.8CVSS0.5AI score0.08852EPSS
Exploits2
Hacker One
Hacker One
added 2022/01/25 7:33 a.m.31 views

Acronis: [CVE-2021-44228] Arbitrary Code Execution on ng01-cloud.acronis.com

Vulnerability description not provided...

10CVSS9.8AI score0.99999EPSS
Exploits349
BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.5 views

The vulnerability of the cURL command-line utility’s script, related to the use of an uninitialized resource, allows a hacker to gain access to confidential data.

The vulnerability of the cURL command-line utility lies in the use of an uninitialized resource. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

5.3CVSS6.4AI score0.04929EPSS
Exploits1References7Affected Software3
RedhatCVE
RedhatCVE
added 2022/01/12 11:23 p.m.50 views

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt. This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerabilit...

8.8CVSS3AI score0.01344EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/11 12:0 a.m.6 views

Mozilla Firefox 命令注入漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox, which stems from a curl command constructed from the copy-to-curl function in DevTools that is not properly escaped into PowerShell.If pasted into a...

8.8CVSS7.7AI score0.01344EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2022/01/05 12:0 a.m.242 views

Dixell XWEB 500 Arbitrary File Write

Exploit Title: Dixell XWEB-500 - Arbitrary File Write Google Dork: inurl:"xweb500.cgi" Date: 03/01/2022 Exploit Author: Roberto Palamaro Vendor Homepage: https://climate.emerson.com/it-it/shop/1/dixell-electronics-sku-xweb500-evo-it-it Version: XWEB-500 Tested on: Dixell XWEB-500 References:...

0.7AI score
Exploits0
GithubExploit
GithubExploit
added 2021/12/12 10:22 a.m.250 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-CVE-2021-44228 On December 5, 2021, Apache identified a...

10CVSS9.5AI score0.99999EPSS
Exploits349
ATTACKERKB
ATTACKERKB
added 2021/11/22 7:15 a.m.2 views

CVE-2021-44079

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution...

9.8CVSS7.6AI score0.03288EPSS
Exploits1References4
0day.today
0day.today
added 2021/11/02 12:0 a.m.550 views

Codiad 2.8.4 - Remote Code Execution Exploit (4)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2021/10/26 7:51 p.m.24 views

Acronis: %0A (New line) and limitness URL leads to DoS at all system [Main adress (https://www.acronis.com/)]

Hello team, hopefully you are happy now I found a DoS vulnerabilty at https://www.acronis.com/ Note: site is still down and this is not intentional behavior and i didn't use any automated tool At first i saw this code at site: someting and tried XSS but site was filtered " and '. So i tried with...

0.2AI score
Exploits0
NVD
NVD
added 2021/10/14 3:15 p.m.25 views

CVE-2021-22964

A redirect vulnerability in the fastify-static module version = 4.2.4 and 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e.A DOS vulnerability is possible if the...

8.8CVSS0.00988EPSS
Exploits1References1
Fedora
Fedora
added 2021/10/02 1:10 a.m.64 views

[SECURITY] Fedora 33 Update: curl-7.71.1-11.fc33

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

9.1CVSS7.3AI score0.0627EPSS
Exploits8
OSV
OSV
added 2021/08/05 9:15 p.m.31 views

CVE-2021-22925

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

5.3CVSS1.6AI score0.04929EPSS
Exploits1References12
Packet Storm
Packet Storm
added 2021/07/29 12:0 a.m.209 views

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page: http://www.ljkj2012.com Affected version: 1.21 Summary: Battery Energy Management System. Desc: The application suffers from an unauthenticated arbitrary file download vulnerability. Inp...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2021/07/21 12:0 a.m.44 views

CVE-2021-22925

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

5.3CVSS6.8AI score0.04929EPSS
Exploits1References5
Hacker One
Hacker One
added 2021/06/27 5:12 p.m.60 views

Elastic: [Swiftype] - Stored XSS via document field `url` triggers on `https://app.swiftype.com/engines/<engine>/document_types/<type>/documents/<id>`

Dear Team, I have found a stored XSS when create a document via API-based engine. The XSS payload stored in url field. To understand about document schema for API-based engine, please go to https://swiftype.com/documentation/site-search/guides/schema-designapi-based After indexed a document with...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2021/05/07 4:50 p.m.64 views

Exploit for Deserialization of Untrusted Data in Apache Ofbiz

CVE-2020-9496 - RCE Because the 2 xmlrpc related requets in we...

6.1CVSS7.6AI score0.98926EPSS
Exploits16
NVD
NVD
added 2021/04/02 8:15 p.m.14 views

CVE-2021-28941

Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or /scripts/magpiesimple.php page, it's possible to request any internal page if you use a https request...

5.3CVSS0.01131EPSS
Exploits1References2
OSV
OSV
added 2021/04/02 8:15 p.m.18 views

CVE-2021-28941

Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or /scripts/magpiesimple.php page, it's possible to request any internal page if you use a https request...

5.3CVSS6.9AI score
Exploits0References2
Rows per page
Query Builder