5327 matches found
Pharmacy Store Management System 1.0 SQL Injection
Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...
Car Rental Management System 1.0 Local File Inclusion / SQL Injection
Exploit Title: Car Rental Management System 1.0 - SQL Injection / Local File include Date: 22-10-2020 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...
Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass
Exploit Title: Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass Date: 21/11/2020 Exploit Author: Aditya Wakhlu Vendor Homepage: https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html Software Link:...
DNSx - A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to perform multiple DNS queries of your choice with a list of user supplied resolvers. dnsx is successor of dnsprobe that includes new features, multiple bugs fixes, and tailored...
osCommerce 2.3.4.1 Cross Site Scripting
Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...
CVE-2020-25159
499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...
CVE-2020-25159
499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...
Stack overflow
499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...
BigBlueButton has an unspecified vulnerability
BigBlueButton is an open source Web conferencing system from the BigBlueButton community. security vulnerabilities exist in versions prior to BigBlueButton 2.2.29, the source of the vulnerability lacks cleanup for certain parameters, as evidenced by the control characters in the accepted username...
Driver Disk for Intel i40e 2.0.23 - For XenServer 7.x CR
Who Should Install this Driver Disk? Customers running a Citrix XenServer 7.x Current Release who use Intel's i40e driver and wish to use the latest version of the following: Driver Module| Version ---|--- i40e| 2.0.23 Issues Resolved In this Driver Disk Includes general enhancements and bug fixe...
Hotfix XS80E009 - For Citrix Hypervisor 8.0
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.0. All customers who are affected by the issues described inCTX266932 - Citrix Hypervisor Multiple Security Updatesshould install this hotfix. Information About this Hotfix Component| Details ---|---...
Driver Disk for LSI megaraid sas 07.701.18.00+rc1 - For XenServer 7.x CR
Who Should Install this Driver Disk? Customers running a Citrix XenServer 7.x Current Release who use LSI's megaraid-sas driver and wish to use the latest version of the following: Driver Module| Version ---|--- megaraid-sas| 07.701.18.00+rc1 Issues Resolved In this Driver Disk Includes general...
Citrix XenMobile Server File Disclosure
File disclosure vulnerability in Citrix XenMobile Server Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...
CVE-2020-27125
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...
Design/Logic Flaw
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...
Real Time Automation 499ES EtherNet/IP Adaptor Source Code Buffer Error Vulnerability
Real Time Automation 499ES EtherNet/IP Adaptor Source Code is a base development code package for applications that follow the EtherNet/IP standard from Real Time Automation. A buffer error vulnerability exists in Real Time Automation 499ES EtherNet/IP Adaptor Source Code prior to 2.28, which can...
PT-2020-20935
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 7.0.0 through 7.0.106 Apache Tomcat versions 8.5.0 through 8.5.59 Apache Tomcat versions 9.0.0.M1 through 9.0.39 Apache Tomcat versions 10.0.0-M1 through 10.0.0-M9 Description When serving resources from a network locati...
CVE-2020-27125
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...
Cisco Security Manager Static Credential Vulnerability
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...
Car Rental Management System 1.0 - 'car_id' Sql Injection
Exploit Title: Car Rental Management System 1.0 - 'carid' Sql Injection Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...