143 matches found
SLICAN WebCTI Cross-Site Scripting Vulnerability
SLICAN WebCTI is a telephony application. A cross-site scripting vulnerability exists in SLICAN WebCTI version 1.01 2015, which can be exploited by an attacker to steal a user's session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of user...
SLICAN WebCTI 跨站脚本漏洞
SLICAN WebCTI is a telephony application. A cross-site scripting vulnerability exists in SLICAN WebCTI version 1.01 2015, which can be exploited by an attacker to steal a user's session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of user...
CVE-2021-38339 Simple Matted Thumbnails <= 1.01 Reflected Cross-Site Scripting
The Simple Matted Thumbnails WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /simple-matted-thumbnail.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.01...
FileCOPA FTP Server 1.01 Denial Of Service
!/usr/bin/perl e-mail: [email protected] Date: 04/06/2021 Version Vulnerable: FileCOPA FTP Server 1.01 OS Tested: Windows XP PACK 3 Brazilian e Windows 2000 Youtube video: https://youtu.be/A9cEoyY9Bd4 badchars \0x00\0x0a use Net::FTP; use Term::ANSIColor; $sis="$^O"; print $sis; if $sis...
CVE-2021-20684
Cross-site scripting vulnerability in MagazinegerZ v.1.01 allows remote attackers to inject an arbitrary script via unspecified vectors...
CGI Script Market Magazine Gar Z 跨站脚本漏洞
CGI Script Market Magazine Gar Z is a CGI Script Market open source application. A CGI script that provides e-mail press release distribution capabilities for Web sites. A security vulnerability exists in Magazinger Z v.1.01, which originates from an arbitrary script that can be executed on a web...
TimeClock Software 1.01 SQL Injection
!/usr/bin/python3 Exploit Title: TimeClock Software 1.01 Authenticated Time-Based SQL Injection Date: July 21, 2020 Exploit Author: François Bibeau Co Author: Tyler Butler, http://tbutler.org, https://twitter.com/tbutler0x90 Vendor Homepage: http://timeclock-software.net/ Software Link:...
CVE-2016-10964
The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header...
D-Link DSL-3782 OS Command Injection Vulnerability
The D-Link DSL-3782 is a wireless router from AUO D-Link of Taiwan, China. An operating system command injection vulnerability exists in the D-Link DSL-3782 with firmware version 1.01. The vulnerability arises from a network system or product that does not properly filter special characters,...
ABB M2M ETHERNET Improper Authentication Vulnerability
ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...
DLink #DSL2750B OS Command Injection Exploit
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...
D-Link DSL-2750B OS Command Injection
This module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...
PT-2018-3913 · D Link · D-Link Dsl-3782
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 versions 1.01 Description: The issue is related to a buffer overflow in the /userfs/bin/tcapi binary of the Diagnostics component in the D-Link DSL-3782 router's firmware. This can be exploited by passing a long buffer as the...
CVE-2017-10188
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications subcomponent: Suite 8/Android. The supported version that is affected is 1.01. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Hospitality Hotel Mobile...
Oracle Hospitality Hotel Mobile Local Vulnerability
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hotel management from Oracle. The solution provides human resources cost management, provide customer service throughout the journey tracking management to improve customer satisfaction, etc...
D-Link DIR-100 Cross-Site Request Forgery Vulnerability
The D-Link DIR-100 is a compact broadband router with integrated firewall functionality. A cross-site request forgery vulnerability exists in D-Link DIR-100 version 1.01. It allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in th...
Pixie CMS 1.01 - 1.04 - Blind SQL Injections
No description provided by source. Exploit Title: Pixie CMS 1.01 - 1.04 pixieuser Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.04...
Ocean12 ASP Calendar Manager 1.0 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15329/info Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application. The application does properly verify access privileges and allow...
LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit
No description provided by source...
BusyBox 1.01 HTTPD Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...