Sql injection

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the 1 showprn parameter to webapp/users/prnow.jsp or showmonth parameter to 2 webapp/users/blhistory.jsp or 3 webapp/users/prhistory.jsp...

Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection

Exploit Title: Affiliate MLM Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/affiliate-mlm-script/ Demo: http://www.smsemailmarketing.in/demo/Affiliate/ Version: 1.0 Category: Webapps Test...

[SECURITY] Fedora 27 Update: git-annex-6.20170925-3.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

web2Project 3.3 Cross Site Scripting

| | Exploit Title: web2Project cms Cross Site ScriptingXSS | Exploit Author: Ashiyane Digital security Team | Vendor Homepage : https://web2project.net/ | Software Link: https://github.com/web2project/web2project/archive/version3.3.tar.gz | Version: 3.3 | Date: 2017-11-06 | Category: Webapps |...

wig - WebApp Information Gatherer

wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being...

Unspecified Vulnerability in Oracle Hospitality Cruise Fleet Management (CNVD-2017-31322)

Oracle Hospitality Applications is a suite of business applications, servers, and storage solutions for hospitality management from Oracle Corporation. Oracle Hospitality Cruise Fleet Management is one of the fleet management components of Oracle Hospitality Cruise Fleet Management, which provide...

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

Design/Logic Flaw

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

CVE-2017-1002002

The CVE-2017-1002002 entry describes a vulnerability in the WordPress plugin webapp-builder v2.0, where the plugin “includes unlicensed vulnerable CMS software from http://www.invedion.com/.” This indicates a root cause related to embedded third‑party CMS software within the plugin, exposing the ...

IC-T-Shirt 1.2 - key SQL Injection

IC-T-Shirt 1.2 - key SQL Injection Exploit Title: Custom T-Shirt WebStore Script 1.2 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/t-shirt.htm Demo: http://icloudcenter.net/demos/ictshirt/ Version: 1.2 Category:...

NMapGUI - Advanced Graphical User Interface for NMap

NMapGUI is an advanced graphical user interface for NMap network analysis tool. It allows to extend and ease the typical usage of NMap by providen a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...

Apache Atlas < 0.8 Access Vulnerability

Apache Atlas is prone to an access vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:atlas"; ifdescription...

Design/Logic Flaw

Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...

PYSEC-2017-105

Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...

CVE-2016-8752

Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...

CVE-2016-8752

Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...

veuro.de XSS vulnerability

Vulnerable URL: http://www.veuro.de/webapp/content/register.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 12.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 764012 VIP website status:| No Check veuro.de SSL connection:| Grade:...

CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]

The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...