Lucene search
K

182 matches found

Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.260 views

openSIS Student Information System 8.0 - 'multiple' SQL Injection

Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...

7.4AI score
Exploits0
OSV
OSV
added 2021/11/17 1:15 p.m.4 views

CVE-2021-42954

Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The installation directory is vulnerable to weak file permissions by allowing full control for Windows Everyone user group non-admin or any guest users, thereby allowing privilege...

7.8CVSS7.1AI score0.00379EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.402 views

Trojan.Win32.Akl.bc Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0b2a0f61a209e24a7d7b2c2d5efb4d68.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Akl.bc Vulnerability: Insecure Permissions Description: The malware creates an dir name...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/08/13 12:0 a.m.226 views

Care2x Open Source Hospital Information Management 2.7 Alpha XSS

Exploit Title: Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' Stored XSS Date: 13.08.2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/08/13 12:0 a.m.127 views

Care2x Open Source Hospital Information Management 2.7 Alpha - Multiple Stored XSS Vulnerability

Exploit Title: Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' Stored XSS Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alph...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/13 12:0 a.m.274 views

Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' Stored XSS

Exploit Title: Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' Stored XSS Date: 13.08.2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/06/11 12:0 a.m.65 views

WoWonder Social Network Platform 3.1 - Authentication Bypass Exploit

Exploit Title: WoWonder Social Network Platform 3.1 - Authentication Bypass Exploit Author: securityforeveryone.com Researchers : Security For Everyone Team - https://securityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.342 views

WoWonder Social Network Platform 3.1 Authentication Bypass

Exploit Title: WoWonder Social Network Platform 3.1 - Authentication Bypass Date: 11.06.2021 Exploit Author: securityforeveryone.com Researchers : Security For Everyone Team - https://securityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.359 views

WoWonder Social Network Platform 3.1 - Authentication Bypass

Exploit Title: WoWonder Social Network Platform 3.1 - Authentication Bypass Date: 11.06.2021 Exploit Author: securityforeveryone.com Researchers : Security For Everyone Team - https://securityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

7.4AI score
Exploits0
Prion
Prion
added 2021/06/09 3:15 p.m.13 views

Privilege escalation

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

4.6CVSS7.5AI score0.0032EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2021/05/05 12:0 a.m.174 views

Trojan.Win32.Agent.xdtv Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ffa9b76f9549a2c46415c855a0911e8a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.xdtv Vulnerability: Insecure Permissions Description: The malware creates an...

7.4AI score
Exploits0
OSV
OSV
added 2021/04/27 1:15 p.m.3 views

CVE-2021-28271

Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag Full for 'Everyone'and 'Authenticated...

8.8CVSS5.8AI score0.01866EPSS
Exploits2References3
Prion
Prion
added 2021/04/27 1:15 p.m.21 views

Privilege escalation

Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag Full for 'Everyone'and 'Authenticated...

6.5CVSS8.6AI score0.01866EPSS
Exploits2References3Affected Software3
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.7 views

Soyal Technologies SOYAL 701Server 安全漏洞

SOYAL Soyal Technology 701Server is a hardware device from China's Maosu Information SOYAL. A toilet alarm. A security vulnerability exists in Soyal Technologies SOYAL 701Server 9.0.1, which is caused by improper privileges to the "Everyone" and "Authenticated Users" groups using the "F The...

8.8CVSS7.9AI score0.01866EPSS
Exploits2References3
Cvelist
Cvelist
added 2021/04/14 2:56 p.m.16 views

CVE-2021-28098

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions...

7.9AI score0.00405EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2021/02/24 3:29 p.m.5 views

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or othe...

5.9AI score
Exploits0
OSV
OSV
added 2021/01/04 5:15 p.m.5 views

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

7.8CVSS7.1AI score0.00444EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/01/04 4:13 p.m.22 views

CVE-2020-36154

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...

7.4AI score0.00444EPSS
Exploits1References2
Talos
Talos
added 2020/12/16 12:0 a.m.210 views

Kepware LinkMaster Service privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1147 Kepware LinkMaster Service privilege escalation vulnerability December 16, 2020 CVE Number CVE-2020-13535 Summary A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In its default configuration, an attacker can globally overwrite...

9.3CVSS8.1AI score0.0066EPSS
Exploits1
Packet Storm
Packet Storm
added 2020/12/14 12:0 a.m.380 views

MiniWeb HTTP Server 0.8.19 Buffer Overflow

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

0.5AI score
Exploits0
Rows per page
Query Builder