Database-Exploitation-Manual

🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...

[SECURITY] Fedora 44 Update: qt6-qtvirtualkeyboard-6.10.3-1.fc44

The Qt Virtual Keyboard project provides an input framework and reference key board frontend for Qt 6. Key features include: Customizable keyboard layouts and styles with dynamic switching. Predictive text input with word selection. Character preview and alternative character view. Automatic...

[SECURITY] Fedora 43 Update: roundcubemail-1.6.12-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 42 Update: fcitx5-m17n-5.1.5-1.fc42

M17N is a large collection of input method, which can cover quite a lot languages in the world, including Latin, Arabic, etc...

DRUPAL-CONTRIB-2025-014

Open Social is a Drupal distribution for online communities, which ships with a default optional module social\language to make your platform multilingual. Some site administration configuration does not correctly check access when trying to translate allowing unauthorised people to translate the...

SEMCMS 安全漏洞

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A SQL injection vulnerability exists in SEMCMS version 4.8, which originates from the lack of validation of external SQL statements in SEMCMSMain.php. An attacker can exploit this vulnerability to execut...

AI and the Indian Election

As India concluded the worlds largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies--and what lessons that holds for the rest of the world. The campaigns made extensive use of AI...

The Phishing Industry

As I mentioned in my previous blog post, phishing attacks are now being created and executed on an industrial scale. Malicious actors are increasingly using highly sophisticated off-the-shelf phishing kits that allow them to deliver very targeted, short-lived attacks. These campaigns direct victi...

Code Execution Vulnerability in SongCMS Backend

SongCMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , multi-language support , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . SongCMS backend code execution vulnerabilities , attackers use the vulnerability to...

NETworkManager - A Powerful Tool For Managing Networks And Troubleshoot Network Problems!

A powerful tool for managing networks and troubleshoot network problems! Features Network Interface - Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY requires PuTTY TightVNC requires TightVNC SNMP - Get, Walk, Set v1, v2c, v3 Wake on LAN HTTP Headers...

Roaming Mantis, part III

In Q2 2018, Kaspersky Lab published two blogposts about Roaming Mantis sharing details of this new cybercriminal campaign. In the beginning, the criminals used DNS hijacking in vulnerable routers to spread malicious Android applications of Roaming Mantis aka MoqHao and XLoader, spoofing legitimat...

[SECURITY] Fedora 27 Update: roundcubemail-1.3.3-1.fc27

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

PWGen - Generator of cryptographically-strong passwords

PWGen is a professional password generator capable of creating large amounts of cryptographically-secure passwords or passphrases consisting of words from a word list. It uses a “random pool ” technique to generate random data based on user inputs keystrokes, mouse handling and volatile system...

Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities

No description provided by source. +Title Allpc 2.5 osCommerce SQL-i/XSS Multiple Vulnerabilities +Author RoAdKiLlEr +Contact RoAdKiLlEratKhg-CrewdotWs +Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- Founded by RoAdKiLlEr Team: Albanian Hacking...

OWASP Mantra Security Toolkit - Browser Based Security Framework

OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source...

Allpc 2.5 osCommerce Cross Site Scripting / SQL Injection

+Title Allpc 2.5 osCommerce SQL-i/XSS Multiple Vulnerabilities +Author RoAdKiLlEr +Contact RoAdKiLlEratKhg-CrewdotWs +Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- Founded by RoAdKiLlEr Team: Albanian Hacking Crew Version: 2.5 Vendor:...

Pulling Back the Curtain on Rogue AV Tech Support

We’ve blogged a few times about rogue AV, explaining how search engines have been abused using Black Hat Search Engine Optimization techniques to redirect web surfers to rogue AV websites. Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button. Se...

Joomla com_autartimonial SQL Injection Vulnerability

Exploit for php platform in category web applications ==================================================== Joomla comautartimonial SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /...

Development Site Professional Liberal Company Institutional SQL Injection

Exploit for php platform in category web applications ======================================================================================= Development Site Professional Liberal Company Institutional SQL Injection Vulnerability...

Hotel Resort Site Script with OnLine Reservation System - SQL Injection

Hotel Resort Site Script with OnLine Reservation System - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Hotel / Resort Site Script with OnLine Reservation System SQLi Vulnerable Published: 2010-06-08 Vendor url:http://www.mformula.com.br Greetz to:Sid3^effects,...