5296 matches found
CVE-2021-33736
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33734
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33734
CVE-2021-33734 is a SQL‑injection/command‑execution vulnerability in Siemens SINEC NMS Server (all versions < 1.0 SP2 Update 1). A privileged authenticated attacker could send crafted requests to the web server to execute arbitrary commands in the local database. The issue is part of a broader...
CVE-2021-33735
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33733
CVE-2021-33733 affects Siemens SINEC NMS (versions prior to 1.0 SP2 Update 1). The vulnerability is an SQL injection in the web server that, when combined with authenticated access, could allow an attacker to execute arbitrary commands in the local database by sending crafted requests. Impact is ...
CVE-2021-33733
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33732
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33731
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33730
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33730
CVE-2021-33730 affects Siemens SINEC NMS prior to v1.0 SP2 Update 1. The issue allows a privileged authenticated attacker to execute arbitrary commands in the local database by sending crafted requests to the web server of the affected application. The Red Hat, NVD, and Siemens/ISAS Nessus/CSAs e...
Exploit for Unrestricted Upload of File with Dangerous Type in Embedthis Goahead
Goahead webserver pre v5.1.5 RCE PoC CVE-2021-42342 A rec...
Backdrop CMS 1.20.0 Cross Site Request Forgery / Command Execution
Exploit Title: Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: V1n1v131r4 Date: 2021-09-22 Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.20.0/backdrop.zip Version: 1.20.0 Tested On: Kali Linux,...
Online Reviewer System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Reviewer System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
South Gate Inn Online Reservation System 1.0 Shell Upload / SQL Injection Vulnerabilities
Exploit Title: South Gate Inn Online Reservation System v1.0 - Remote Code Execution Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/10584/south-gate-inn-online-reservation-system.html Software Link:...
Budgets And Expense Tracker System 1.0 Shell Upload
Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
Online Food Ordering System 2.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Link:...
Church Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Lin...
Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...