Roxy Fileman 1.4.5 - Directory Traversal
Roxy Fileman 1.4.5 - Directory Traversal Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE:...
D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting
D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting Exploit Title: D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting Date: 2019-12-13 Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link:...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit
Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7 / Win10 CVE:...
Online Clinic Management System 2.2 - HTML Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Clinic Management System 2.2 - HTML Injection Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system...
Online Clinic Management System 2.2 - HTML Injection
Online Clinic Management System 2.2 - HTML Injection Exploit Title: Online Clinic Management System 2.2 - HTML Injection Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link :...
Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting
Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://github.com/bigprof-software/online-invoicing-system Software : Online Invoicing Syst...
Online Invoicing System 2.6 Cross Site Scripting
Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://github.com/bigprof-software/online-invoicing-system Software : Online Invoicing Syst...
teabocafe.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1027470 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
CVE-2011-3596
Polipo before 1.0.4.1 suffers from a DoS vulnerability via a specially crafted HTTP POST / PUT request...
CVE-2019-5071
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS1 post...
CVE-2019-5072
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS2 post...
Command injection
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS2 post...
Command injection
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS1 post...
CVE-2019-5071
CVE-2019-5071 is a confirmed command-injection vulnerability in the Tenda AC9 router, exposed via the /goform/WanParameterSetting endpoint. The vulnerability allows a locally authenticated attacker to inject commands through the DNS1 DNS2 post parameters in a crafted HTTP POST, leading to code ex...
Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability
Summary An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection, resulting in cod...
CVE-2019-16200
GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the...