7648 matches found
CVE-2023-48425
U-Boot vulnerability resulting in persistent Code Execution...
Remote code execution
An oversight in BCB handling of reboot reason that allows for persistent code execution...
CVE-2023-6181
An oversight in BCB handling of reboot reason that allows for persistent code execution...
CVE-2023-6181
CVE-2023-6181 affects Google Chromecast/Chromecast with Google TV via an oversight in the BCB reboot-handling that occurs in U-Boot, enabling persistent code execution. The issue is described across multiple feeds as a reboot-reason handling flaw with the root cause in BCB and potential for persi...
CVE-2023-48425
U-Boot vulnerability resulting in persistent Code Execution...
CVE-2023-48425
CVE-2023-48425 affects U-Boot and is described as a vulnerability that results in persistent code execution. The entry indicates a remotely accessible scenario (attack vector: NETWORK, attack complexity: LOW, privileges required: NONE) with high impact on confidentiality, integrity, and availabilit...
Google Chromecast Security Breach
Google Chromecast is a technology from the American company Google. It allows you to stream your favorite entertainment and apps from your phone, tablet or laptop directly to your TV or speakers. Google Chromecast has a security vulnerability that stems from a security flaw in BCB that...
jetty: Improper validation of HTTP/1 content-length
A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in an HTTP/1 header field, which is non-standard and more permissive than the RFC. This issue could allow an attacker to perform request smuggling in conjunction with a server that does not close connections after 400...
PT-2023-30845 · U-Boot · U-Boot
Name of the Vulnerable Software and Affected Versions: U-Boot affected versions not specified Description: The issue is related to a U-Boot vulnerability that results in persistent code execution. Recommendations: At the moment, there is no information about a newer version that contains a fix fo...
PT-2023-32555 · Bcb · Bcb
Name of the Vulnerable Software and Affected Versions: BCB affected versions not specified Description: The issue is related to an oversight in BCB handling of reboot reason, allowing for persistent code execution. Recommendations: At the moment, there is no information about a newer version that...
PHPJabbers Appointment Scheduler 3.0 Cross Site Scripting
Exploit Title: PHPJabbers Appointment Scheduler v3.0 - Multiple Stored XSS Date: 19/11/2023 Exploit Author: BugsBD Limited Discovered by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Windows 10...
PHPJabbers Car Rental 3.0 Cross Site Scripting
Exploit Title: PHPJabbers Car Rental v3.0 - Multiple Stored XSS Date: 19/11/2023 Exploit Author: BugsBD Limited Discovered by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11,...
CVE-2022-45592
1 Server Side Request Forgery SSRF, 2 persistent Cross site scripting XSS, and 3 File upload vulnerability...
UBUNTU-CVE-2022-45592
1 Server Side Request Forgery SSRF, 2 persistent Cross site scripting XSS, and 3 File upload vulnerability...
CVE-2023-6435
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/batchesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to...
CVE-2023-6432
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/itemsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to sto...
CVE-2023-6429
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/clientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user ...