1149 matches found
E-commerce MLM Software 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: E-commerce MLM Software 1.0 - SQL Injection; Dork: N/A; Date: 08.12.2017; Vendor Homepage: https://www.phpscriptsmall.com/; Software Link: https://www.phpscriptsmall.com/product/e-commerce-mlm/; Demo: http://74.124.215.220/advaemlm/...
Cisco NX-OS System Software CLI Command Injection Vulnerability
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...
SQL injection vulnerability in phpaaCMS friendlink.action.php page
phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the friendlink.action.php page of phpaaCMS v0.5, which can be exploited by attackers to obtain sensitive information about the database...
DblTek - Multiple Vulnerabilities
Vulnerabilities summary: The following advisory describes two vulnerabilities found in the DblTek webserver. DBL is “specialized in VoIP products, especially GoIPs. We design, develop, manufacture, and sell our products directly and via distributors to customers. Ou...
Apache Roller XML-RPC protocol support XML injection vulnerability
Apache Roller is a feature-rich multi-user blogging platform from the Apache Software Foundation (United States). XML-RPC protocol support is one of its components, providing support for the XML-RPC transport protocol. A security vulnerability exists in the XML-RPC protocol support in Apache Roller versions...
actionpack Improper Input Validation vulnerability
The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address...
GHSA-X457-CW4H-HQ5F JSON gem has Improper Input Validation vulnerability
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...
CVE-2017-5636
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...
Deserialization of untrusted data
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...
WPA2 Wireless Network PTK-TK Encryption Key Reinstallation Vulnerability
WPA (Wi-Fi Protected Access) is a system for securing wireless computer networks (Wi-Fi). WPA2 wireless networks suffer from a PTK-TK key reinstallation vulnerability in the four-way handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to...
WPA2 Wireless Network Hibernation Mode IGTK Key Reinstallation Vulnerability
WPA (Wi-Fi Protected Access) is a system for securing wireless computer networks (Wi-Fi). An IGTK key reinstallation vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to...
Shaanxi Knight Technology Development Co., Ltd. enterprise station building system has SQL injection vulnerability
Shaanxi Knight Technology Development Co., Ltd. is a website design company offering website construction, visual design development and online brand marketing promotion. The company's corporate website building system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
Microsoft Programming Error is Behind Dangerous Kernel Bug, Researchers Claim
Researchers claim a programming error in the Microsoft Windows kernel cracks the door open for malicious executables to bypass security software. The flaw, according to security firm EnSilo, has been present on previous versions of Windows dating back to Windows 2000 and can be found on Windows 1...
CVE-2017-1219
IBM Tivoli Endpoint Manager is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 123859...
CVE-2017-9833
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of “../..” using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) because Boa does not include any...
Cisco Nexus 5000 Series Switches CLI Command Injection Vulnerability (cisco-sa-20170517-nss)
A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.
CVE-2017-8386: Using the less command to bypass git-shell restrictions
git-shell is a restricted shell, introduced for remote Git sessions over an SSH tunnel. The basic idea behind it is to limit the commands that can be executed in the SSH session, so that only the commands Git needs can be run. The commands Git needs to execute are as follows:...
Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerabilities (USN-3279-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3279-1 advisory. It was discovered that the Apache mod_session_crypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker...
Ubuntu: Security Advisory (USN-3279-1)
The remote host is missing an update for the...
USN-3279-1: Apache HTTP Server vulnerabilities
It was discovered that the Apache mod_session_crypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker could possibly use this issue to perform padding oracle attacks. (CVE-2016-0736) Maksim Malyutin discovered that the Apache mod_auth_digest module incorrectly...