419 matches found
CRLFsuite - Fast CRLF Injection Scanning Tool
CRLFsuite is a fast tool specially designed to scan CRLF injection. Installation $ git clone https://github.com/Nefcore/CRLFsuite.git $ cd CRLFsuite $ sudo python3 setup.py install $ crlfsuite -h Features Single URL scanning Multiple URL scanning Stdin supported GET & POST method supported...
HMS SQL Injection Vulnerability
HMS is a computer or web-based hospital management system. Useful for managing the operations of a hospital or any medical facility, a SQL injection vulnerability exists in HMS version 1.0, which stems from the presence of multiple parameters when requesting appointment.php using the POST method...
GHSA-7QF3-C2Q8-69M3 Reflected XSS vulnerability in Jenkins markup formatter preview
Jenkins allows administrators to choose the markup formatter to use for descriptions of jobs, builds, views, etc. displayed in Jenkins. When editing such a description, users can choose to have Jenkins render a formatted preview of the description they entered. Jenkins 2.274 and earlier, LTS...
HMS SQL Injection Vulnerability
HMS is a computer or web-based hospital management system. Useful for managing the operations of a hospital or any medical facility, a SQL injection vulnerability exists in HMS version 1.0, which stems from the presence of multiple parameters when requesting appointment.php using the POST method...
Improper Input Validation in Jenkins
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...
Country Selector < 1.6.6 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the country and lang parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting...
Shopify: Same the Url
Summary: I found the /graphql path and /performancereport with the POST method. When I create a page with the name /graphql I am not allowed on the grounds it is reserved, but I can create a page with the name performancereport. Although both use the same method, only /graphql cannot be created. Shops...
WPLegalPages < 2.7.1 - Subscriber+ Arbitrary Settings Update to Stored XSS
The plugin does not check for authorisation and has a flawed CSRF logic when saving its settings, allowing any authenticated users, such as subscriber, to update them. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored Cross-Site Scripting Run the below command in...
Web Cache Vulnerability Scanner - A Go-based CLI Tool For Testing For Web Cache Poisoning
Web Cache Vulnerability Scanner WCVS is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit. The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs to test, and can adapt to a specific web cache for more efficien...
Alfa Team Shell Tesla 4.1 Remote Code Execution
Exploit Title: ALFA TEAM SHELL TESLA 4.1 - 'cmd' Remote Code Execution Unauthenticated Google Dork: inurl:/alfacgiapi intext:alfa Date: 2021-12-19 Exploit Author: Aryan Chehreghani Vendor Homepage: http://solevisible.com Software Link: https://phpshells.com/alfa-tesla-v4-1-shell Version: v4.1...
Alfa Team Shell Tesla 4.1 Remote Code Execution Vulnerability
Exploit Title: ALFA TEAM SHELL TESLA 4.1 - 'cmd' Remote Code Execution Unauthenticated Google Dork: inurl:/alfacgiapi intext:alfa Exploit Author: Aryan Chehreghani Vendor Homepage: http://solevisible.com Software Link: https://phpshells.com/alfa-tesla-v4-1-shell Version: v4.1 Tested on: Windows 1...
Easy Cart Shopping Cart - (Search) Persistent Vulnerability
Document Title: =============== Easy Cart Shopping Cart - Search Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2298 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...
XVIDEOS: CSRF on delete friend requests - Not protected with CSRF Token
Summary: Hello XVideos Security Team, There is a possibility of CSRF on the POST method when deleting friend requests that are sent by the users. Any user can send the malicious contents to perform the POST method in order to delete a friend request for a specific member. Steps To Reproduce: 1. Log...
Cross-Site Request Forgery (CSRF) in code16/sharp
Description Attacker is able to log out a user if a logged in user visits attacker website. Impact This vulnerability is capable of forging user to unintentional logout. Test Tested on Edge, Firefox, Chrome and Safari. Fix You should use POST instead of GET. To expand: One way GET could be abused...
My Movie Collection Sinatra App - (Login) XSS Vulnerabilities
Document Title: =============== My Movie Collection Sinatra App - Login XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2293 Release Date: ============= 2021-11-01 Vulnerability Laboratory ID VL-ID: ==================================...
Vanguard v2.1 - (Search) POST Inject Web Vulnerability
Document Title: =============== Vanguard v2.1 - Search POST Inject Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2283 Release Date: ============= 2021-10-25 Vulnerability Laboratory ID VL-ID: ==================================== 2283...
PHP Melody v3.0 - (submitted) Persistent XSS Vulnerability
Document Title: =============== PHP Melody v3.0 - submitted Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2292 Bulletin: https://www.phpsugar.com/blog/2021/09/php-melody-3-0-vulnerability-report-fix/ Release Date:...
Online Traffic Offense Management System 1.0 Cross Site Scripting
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple XSS Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...
Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated)
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple XSS Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...
MTN Group: Reflected XSS on dailydeals.mtn.co.za
Hello MTN Team. I found Reflected XSS on https://dailydeals.mtn.co.za/index.cfm?GO=DEALS via the cpID parameter with the POST method. Steps To Reproduce: 1. Intercept the https://dailydeals.mtn.co.za/index.cfm?GO=DEALS 2. Change Method to POST 3. Add empty line after last header 4. Write this code...