
5315 matches found

CNVD
added 2021/08/17 12:0 a.m. | 17 views

Mitel Networks MiCollab Information Disclosure Vulnerability

An information disclosure vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Service component does not effectively filter output information. An attacker...

6.5 CVSS | 1.9 AI score | 0.00256 EPSS
Exploits 0 | References 1
NVD
added 2021/08/16 7:15 p.m. | 7 views

CVE-2021-32825

bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...

9.1 CVSS | 0.00501 EPSS
Exploits 1 | References 3
Cvelist
added 2021/08/16 7:0 p.m. | 10 views

CVE-2021-32825 ZipSlip vulnerability in bblfshd

bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...

2.7 CVSS | 9.1 AI score | 0.00501 EPSS
Exploits 1 | References 3
CVE
added 2021/08/16 7:0 p.m. | 50 views

CVE-2021-32825

CVE-2021-32825 pertains to bblfshd, an open-source self-hosted server for source code parsing. The vulnerability, a zipslip flaw in the unpacking routine, arises from unsafe handling of symbolic links, allowing an attacker to read or write outside the designated target folder. Impact can include ...

9.1 CVSS | 6.4 AI score | 0.00501 EPSS
Exploits 1 | References 3 | Affected Software 1
GithubExploit
added 2021/08/16 11:25 a.m. | 81 views

Exploit for Cross-site Scripting in Online_Doctor_Appointment_System_Php_Full_Source_Code_Project Online_Doctor_Appointment_System_Php_Full_Source_Code

CVE-2021-25791-Multiple-Stored-XSS : Multiple Stored XSS Onlin...

5.4 CVSS | 5 AI score | 0.00141 EPSS
Exploits 3
GitLab Advisory Database
added 2021/08/16 12:0 a.m. | 16 views

Path Traversal

bblfshd is an open source self-hosted server for source code parsing. In bblfshd there is a zipslip vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may le...

9.1 CVSS | 1.8 AI score | 0.00501 EPSS
Exploits 1 | References 1 | Affected Software 1
OSV
added 2021/08/13 4:15 p.m. | 2 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 CVSS | 6.7 AI score | 0.00256 EPSS
Exploits 0 | References 2
NVD
added 2021/08/13 4:15 p.m. | 11 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 CVSS | 0.00256 EPSS
Exploits 0 | References 2
Cvelist
added 2021/08/13 3:32 p.m. | 10 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 AI score | 0.00256 EPSS
Exploits 0 | References 2
CVE
added 2021/08/13 3:32 p.m. | 64 views

CVE-2021-32072

The CVE-2021-32072 entry concerns Mitel MiCollab: the MiCollab Client Service component in MiCollab prior to version 9.3 has an information disclosure flaw due to insufficient output sanitization, allowing an attacker to view source code methods. Connected documents confirm the affected product a...

6.5 CVSS | 6.2 AI score | 0.00256 EPSS
Exploits 0 | References 2 | Affected Software 1
GithubExploit
added 2021/08/13 2:23 p.m. | 409 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Introduction This repository was created f...

7.8 CVSS | 7.7 AI score | 0.92579 EPSS
Exploits 81
CNNVD
added 2021/08/13 12:0 a.m. | 1 views

Mitel Networks MiCollab Information Disclosure Vulnerability

An information disclosure vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Service component does not effectively filter output information. An attacker...

6.5 CVSS | 5.6 AI score | 0.00256 EPSS
Exploits 0 | References 2
RedHat Linux
added 2021/08/05 3:5 p.m. | 3 views

rubygem-rdoc: Command injection vulnerability in RDoc

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...

7 CVSS | 7.5 AI score | 0.00351 EPSS
Exploits 0 | References 5
OSV
added 2021/08/03 2:44 a.m. | 10 views

GSD-2021-1001449 watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()

watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.276 by commit...

7.2 AI score
Exploits 0
wpexploit
added 2021/07/27 12:0 a.m. | 130 views

uListing < 2.0.6 - Authenticated IDOR

An Authenticated User IDOR vulnerability was discovered in the plugin. Important: userid and listingid values are dependent on each other, that is, if the author ID == 4, the data can only be modified for those ADs and pages that relate to this particular ID. You can find out the author of the...

6.5 CVSS | 0.4 AI score | 0.01005 EPSS
Exploits 1
Ivan 'd0znpp' Novikov
added 2021/07/25 4:17 p.m. | 190 views

White Box Testing What Is, Types, Techniques, Example

White Box Testing is programming trying, or rather inner center and foundation. Get familiar with about this strategy in this article. What is White Box Testing? White Box Testing can be depicted as a program-testing methodology in which a product’s interior construction, plan and coding are trie...

7 AI score
Exploits 0
NVD
added 2021/07/14 12:15 p.m. | 10 views

CVE-2021-33667

Under certain conditions, SAP Business Objects Web Intelligence BI Launchpad versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted...

4.3 CVSS | 0.00156 EPSS
Exploits 0 | References 2
0day.today
added 2021/07/08 12:0 a.m. | 71 views

Exam Hall Management System 1.0 - Unrestricted File Upload + Remote Command Execution Exploit

Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload + RCE Unauthenticated Exploit Author: Davide 'yth1n' Bianchin Contacts: davide dot bianchin at dedagroup dot it Vendor Homepage: https://www.sourcecodester.com Software Link:...

0.3 AI score
Exploits 0
Kitploit
added 2021/07/07 12:30 p.m. | 514 views

GitDump - A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled

GitDump dumps the source code from .git when the directory traversal is disabled Requirements Python3 Tested on Windows Kali Linux What it does Dump source code from website/.git directory when directory traversal is disabled. How it works Fetch all common files .git/index, .git/HEAD, .git/ORIGHEA...

7.6 AI score
Exploits 0 | References 2
0day.today
added 2021/07/06 12:0 a.m. | 99 views

Billing System Project 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import requests import...

0.5 AI score
Exploits 0