678 matches found
Win32.MarsStealer Web Panel Cross Site Scripting
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8abb41f6e7010d70c90f65fd9a740faaB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.MarsStealer Web Panel Vulnerability: Unauthenticated Remote Persistent XSS Description: The...
AgentTesla Builder Web Panel SQL Injection Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7B.txt Contact: email protected Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: SQL Injection Description: The AgentTeslaBuilder WebUI uses...
PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection Vulnerability
PuneethReddyHC Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability. CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection...
PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection
CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. The proId parameter on the /action.php page does not sanitize the user input, an attacker can extract...
Fedora: Security Advisory for cacti (FEDORA-2021-0b8814db99)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Kmaleon 1.1.0.205 SQL Injection
Exploit Title: Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection Authenticated Google Dork: intitle: "Inicio de Sesión - Kmaleon" Date: 2021-11-05 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.levelprograms.com Software Link: https://www.levelprograms.com/kmaleon-abogados/ Version...
WordPress 插件安全漏洞
WordPress is a set of Wordpress Foundation's blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on servers with PHP and MySQL. WordPress Plugin is a WordPress open source application plugin. WordPress Squaretype has a security vulnerabili...
USN-5123-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the...
Online Motorcycle (Bike) Rental System 1.0 SQL Injection
Exploit Title: Online Motorcycle Bike Rental System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Chase ComardelleCASO Date: October 18, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14989/online-motorcycle-bike-rental-system-phpoop-source-code.html Software Link...
Exploit for SQL Injection in Online-Shopping-System-Advanced_Project Online-Shopping-System-Advanced
CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shoppin...
Exploit for SQL Injection in Online-Shopping-System-Advanced_Project Online-Shopping-System-Advanced
CVE-2021-41649 CVE-2021-41649 SQL Injection in online-shoppin...
SourceCodester Simple Food Website SQL Injection Vulnerability
SourceCodester Simple Food Website is a CMS by SourceCodester, Inc. developed using PHP and MySQL database. sourcecodester Basic Shopping Cart is vulnerable to SQL injection, which can be exploited by attackers to bypass authentication Become an administrator...
PT-2021-15376 · F5 · Big-Ip
Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x through 13.1.3.6 BIG-IP versions 14.1.x through 14.1.3.1 BIG-IP versions 15.1.x through 15.1.3 Description: When the brute force protection feature of BIG-IP Advanced WAF or BIG-IP ASM is enabled on a virtual server and...
CVE-2021-39378
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL MariaDB is being used as the application database. A malicious attacker can issue SQL commands to the MySQL MariaDB database through the NamesList.php str parameter...
F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM MySQL database vulnerability (K36942191)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.3.1 / 15.1.3 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K36942191 advisory. - On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the...
U.S. Dept Of Defense: SQL injection located in `███` in POST param `████████`
Hey DoD security team! I was able to exploit an SQL injection 1 in one of your domains. Description An SQL injection 1 was discovered in domain https://████████/██████ in the parameter ██████████. The SQL injection was located in a WHERE statment fallowed by a INT value. The vulnerable parameter...
Logic flaw vulnerability in PHPOK of Shenzhen Kunshuo Technology Co. Ltd (CNVD-2021-51497)
PHPOK is a set of popular enterprise website construction system written in PHP language and MySQL database. Ltd. PHPOK has a logic flaw vulnerability that can be exploited by attackers to gain control of the server...
Dream CMS suffers from SQL injection vulnerability (CNVD-2021-51284)
Dream CMS lmxcms is developed using php language and mysql database, and adopts the mainstream MVC design model. Dream CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Ai Qing Lemon CMS (CNVD-2021-51250)
Aizumi CMS is a php music website developed with php MySQL. Aizumi CMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Jinan Ai Cheng Network Technology Co., Ltd. iWebShop open source mall system with command execution vulnerabilities
iWebShop open source mall system is a PHP language and MYSQL database based on the development of B2B2C single-user and multi-user open source free mall system . Jinan Ai Cheng Network Technology Co., Ltd. iWebShop open source mall system there is a command execution vulnerability , attackers can...