5327 matches found
Pisay Online E-Learning System 1.0 SQL Injection / Code Execution
Exploit Title: Pisay Online E-Learning System v1.0 - SQLi Auth Bypass + Remote Code Execution RCE Exploit Author: Bobby Cooke Date: May 5th, 2020 Vendor Homepage: https://www.sourcecodester.com/php/14192/pisay-online-e-learning-system-using-phpmysql.html Software Link:...
Online Clothing Store 1.0 SQL Injection
Exploit Title: Online Clothing Store 1.0 - 'username' SQL Injection Date: 2020-05-05 Exploit Author: Sushant Kamble Vendor Homepage: https://www.sourcecodester.com/php/14185/online-clothing-store.html Software Link:...
Klar - Integration Of Clair And Docker Registry
Integration of Clair and Docker Registry supports both Clair API v1 and v3 Klar is a simple tool to analyze images stored in a private or public Docker registry for security vulnerabilities using Clair https://github.com/coreos/clair. Klar is designed to be used as an integration tool so it relie...
Online Scheduling System 1.0 - Persistent Cross-Site Scripting
Exploit Title: Online Scheduling System 1.0 - Persistent Cross-Site Scripting Exploit Author: Bobby Cooke Date: 2020-04-30 Vendor Homepage: https://www.sourcecodester.com/php/14168/online-scheduling-system.html Software Link:...
Chinese COVID-19 detection firm hacked; source code sold on dark web
By Sudais Asif The hackers claim to have stolen a trove of data that is currently being sold on the dark web. This is a post from HackRead.com Read the original post: Chinese COVID-19 detection firm hacked; source code sold on dark web...
Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak
The discovery of leaked source code for two popular games – Counter-Strike: Global Offensive CS:GO and Team Fortress 2 – has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the...
CS:GO & Team Fortress 2 source code leaked – Virus alert for TF2
By Waqas The source code for Counter-Strike Global Offensive CS:GO and Team Fortress 2 TF2 have been leaked. This is a post from HackRead.com Read the original post: CS:GO & Team Fortress 2 source code leaked - Virus alert for TF2...
GHSA-24M3-W8G9-JWPQ Information disclosure of source code in SimpleSAMLphp
Background The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. Description The che...
Information disclosure of source code in SimpleSAMLphp
Background The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. Description The che...
Information Disclosure
simplesamlphp is vulnerable to information disclosure. It does not properly handle a request with an uppercase file extension '.PHP', causing the server to disclose the contents of the file by sending to the browser instead of executing it and therefore leaking the sensitive source code in...
CVE-2020-5301
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
CVE-2020-5301
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
Information disclosure
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
CVE-2020-5301 Information disclosure of source code in SimpleSAMLphp
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
Shanghai Chuangzheng Information Technology Co., Ltd. website building system has website source code leakage vulnerability
Shanghai Chuangzheng Information Technology Co., Ltd Chuangzheng was founded in 2005, is a national high-tech enterprise. Shanghai Chuangzheng Information Technology Co., Ltd. website building system has a website source code leakage vulnerability, attackers can use the vulnerability to obtain...
Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV
pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...
Overlay Malware Exploits Chrome Browser, Targets Banks and Heads to Spain
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image...
Arbitrary Code Execution
helixplayer is vulnerable to arbitrary code execution. Multiple security flaws were discovered in RealPlayer. Helix Player and RealPlayer share a common source code base; therefore, some of the flaws discovered in RealPlayer may also affect Helix Player. Some of these flaws could, when opening,...
Imgur: Sourcemaps and Unminified Source Code Exposed on Pages
Hello, I'm not sure if this was actually meant to be made public on purpose, but I was looking through some of the sources that were loaded and found out the following: https://imgur.com/ - See ██████ s.imgur.com - desktop-assets - js contains multiple minified JS files as one would usually expec...
Hacker Steals & Leaks Xbox Series X GPU Source Code
By Waqas The unknown hacker contacted AMD with information about stolen Xbox Series X Source Code and later leaked it on Github. This is a post from HackRead.com Read the original post: Hacker Steals & Leaks Xbox Series X GPU Source Code...