29 matches found
Sql injection
Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents and bypass the login control...
CVE-2022-29363
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
PHPOK 代码问题漏洞
PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.1, which originates from a deserialization vulnerability in the updatef function of logincontrol.php in Phpok v6.1, which can be exploited by an attacker to write to an arbitrary file and...
The vulnerability of the init process of the loginctl subsystem of Systemd, related to security configuration errors, allows a perpetrator to access confidential data.
The vulnerability of the loginctl process in the initialization and service management subsystem of Systemd is related to security configuration errors. Exploiting this vulnerability can allow an attacker to access confidential data...
CVE-2018-16142
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
Cross site scripting
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
CloudBees Jenkins User Privilege Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor continuous software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins a long-ter...
A step-by-step teach you to use the U disk into password of system-vulnerability warning-the black bar safety net
U disk is now very popular, however, if you just take it to store data, perhaps a little pity. In fact, we also can make U disk to play a greater energy! For example, today xiaobian teach you a trick that will allow your USB disk instead of the login system The password only when you plug in the ...
Think of a use webshell to run the system password of the way-vulnerability warning-the black bar safety net
| Haiyang the webshell has a switch is to control what logged in webshell. --- Assumed to have been the target of the webshell, and collected some of the password, and the target has no ftp, mssql like the port is open, then we can be used to run the system password, try luck. Specific: Modify...