Vortex - VPN Overall Reconnaissance, Testing, Enumeration And eXploitation Toolkit

VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit, that tries to automate most of the process required to detect, enumerate and attack common O365 and VPN endpoints like Cisco, Citrix, Fortinet, Pulse,...

TaoCMS Code Injection Vulnerability (CNVD-2022-33839)

TaoCMS is a CMS web content management system with perfect support for multiple databases Sqlite/Mysql. TaoCMS has a code injection vulnerability that can be exploited by attackers to execute code injection by arbitrarily editing .htaccess files to execute malicious code or write malicious code...

XSS in doc_link

Impact Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo extension to communicate with the database it is used if the native extensions are not enabled. In browsers without...

GHSA-2V82-5746-VWQC XSS in doc_link

Impact Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo extension to communicate with the database it is used if the native extensions are not enabled. In browsers without...

phpLiteAdmin Cross-Site Scripting Vulnerability (CNVD-2022-21815)

phpLiteAdmin is a web-based SQLite database management tool. phpLiteAdmin versions prior to 1.9.8.2 are vulnerable to cross-site scripting. The vulnerability stems from a newRows parameter in index.php that lacks a data validation filter for user-supplied data and output. An attacker could use th...

FreeTAKServer-UI SQL注入漏洞

FreeTAKServer-UI is an open source FTS web interface from the FreeTAKTeam team.FreeTAKServer-UI is vulnerable to SQL injection, which stems from the API endpoint/AuthenticateUser containing SQL injection into the SQLite3 database, which can be exploited by an attacker to obtain the database All...

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

PYSEC-2022-33

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

Exploit for Forced Browsing in Ametys

CVE-2022-26159-Ametys-Autocompletion-XML A python exploi...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via maliciously crafted SQL queries made via editing the Database File, it is possible to query a record and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

Sqlite has an unspecified vulnerability (CNVD-2022-18011)

Sqlite is a lightweight database, a relational database management system that adheres to ACID. SQLite3 versions 3.35.1 and 3.37.0 contain a security vulnerability that can be exploited by attackers to query records and leak subsequent memory bytes beyond the record to obtain sensitive informatio...

CVE-2021-45346

A memory leak flaw was found in the SQLite Project via maliciously crafted SQL Queries made via editing the Database File. This flaw allows a malicious user to obtain sensitive information due to a possible query to a record and leaking subsequent bytes of memory that extend beyond the record...

CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

DEBIAN-CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

UBUNTU-CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...

CVE-2021-45346

CVE-2021-45346 : SQLite3 (SQLite project) versions 3.35.1 and 3.37.0 are reported to have a memory-leak vulnerability triggered by maliciously crafted SQL queries (via editing the database file). The flaw could allow leaking memory beyond the queried record, potentially exposing sensitive informa...

SQLite 安全漏洞

Sqlite is a lightweight database, a relational database management system that adheres to ACID. SQLite3 versions 3.35.1 and 3.37.0 contain a security vulnerability that can be exploited by attackers to query records and leak subsequent memory bytes beyond the record to obtain sensitive informatio...

CVE-2021-45346

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain...