📄 AVideo 18.0 Cross Site Scripting

AVideo version 18.0 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : AVideo 18.0 XSS vulnerability | | Author : indoushka | | Tested on : windo...

EUVD-2023-56022

Malicious code in bioql PyPI...

CVE-2023-51301

A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

PHPJabbers Cinema Booking System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Cinema Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cinema-booking-system/sectionDemo Version: v1.0 Tested on: Windo...

b2evolution Code Execution Vulnerability

b2evolution is a community content management system based on PHP and MySQL. A security vulnerability exists in b2evolution CMS v7.2.3, which can be exploited by an attacker to execute arbitrary code via the parameter cfqueryparam in the user login section...

D-Link DIR-823G 命令注入漏洞

The D-Link DIR-823G is an AC1200M dual-band gigabit wireless router.A command injection vulnerability exists in the HNAP1 protocol of the D-Link DIR-823G version 1.0.2B05. The vulnerability can be exploited to execute arbitrary web scripts via shell meta characters in the PrivateLogin field of th...