65 matches found
Wordpress Travelscape v1.0.3 Theme - Arbitrary File Upload Exploit
Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from multiprocessing.dummy impor...
Exploit for CVE-2021-43008
cve-2022-21907-http.sys by 1vere$k CVE-2022-21907 - Double Fre...
Online Banquet Booking System 1.0 Cross Site Request Forgery
Exploit Title: Online Banquet Booking System - 'change admin credentials' Cross-Site Request Forgery CSRF Date: 04/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/online-banquet-booking-system-using-php-and-mysql/ Version: 1.0...
Windows IIS HTTP Protocol Stack DOS
This module exploits CVE-2021-31166, a UAF bug in http.sys when parsing specially crafted Accept-Encoding headers that was patched by Microsoft in May 2021, on vulnerable IIS servers. Successful exploitation will result in the target computer BSOD'ing before subsequently rebooting. Note that the...
Charity Management System CMS 1.0 - Multiple Vulnerabilities
Exploit Title: Charity Management System CMS 1.0 - Multiple Vulnerabilities Date: 18/08/2021 Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/tips23 Software Link:...
Kartris 1.6 Arbitrary File Upload
Exploit Title: Kartris 1.6 - Arbitrary File Upload Dork: N/A Date: 2020-05-08 Exploit Author: Nhat Ha - Sun CSR Vendor Homepage: https://www.cactusoft.com/ Software Link: https://www.kartris.com/ Version: 1.6 Category: Webapps Tested on: WiN10x64/KaLiLinuXx64 CVE: N/A POC:...
Learning With Texts 1.6.2 SQL Injection
Exploit Title: Learning with Texts 1.6.2 - 'start' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://lwt.sourceforge.net/ Software Link: https://sourceforge.net/projects/lwt/files/latest/download Version: 1.6.2 Category: Webapps Tested on:...
GHSA-CQJG-WHMM-8GV6 Denial of Service via malformed accept-encoding header in hapi
Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is recieved. Recommendation Update to version 16.1.1 or later...
Denial of Service via malformed accept-encoding header in hapi
Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is recieved. Recommendation Update to version 16.1.1 or later...
Design/Logic Flaw
hapi is a web and services application framework. When hapi = 15.0.0 = 16.1.0 encounters a malformed accept-encoding header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached...
CVE-2017-16013
hapi is a web and services application framework. When hapi = 15.0.0 = 16.1.0 encounters a malformed accept-encoding header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached...
CVE-2017-16013
hapi is a web and services application framework. When hapi = 15.0.0 = 16.1.0 encounters a malformed accept-encoding header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached...
ManageEngine Applications Manager 13 - SQL Injection Vulnerability
Exploit for windows platform in category web applications ManageEngine Applications Manager version 13 suffers from multiple post-authentication SQL injection vulnerabilities. Proof of Concept 1 name= parameter is susceptible: POST /manageApplications.do?method=insert HTTP/1.1 Host:...
Cloudflare: SSRF
Hi i make report grabtaxi for SSRF But grabtaxi answer me coffeecup closed the report and changed the status to Not Applicable. Jul 26th 2 hrs ago Hello @linkks - After further review, we have determined that this is not SSRF on any of our web properties or assets. All IP's mentioned in this repo...
Denial Of Service (DoS)
hapi is vulnerable to denial of service DoS attacks. A malicious user can send a malicious accept-encoding header to the system that causes the library to crash or the client to hang until the timeout period is reached...
Denial of Service via malformed accept-encoding header
Overview Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is recieved. Recommendation Update to version 16.1.1 or later. References - Issue 3466 - GitHub Advisory...
Radancy: Application error message
Attack details HTTP Header input X-Forwarded-For was set to 12345'"'";|%00%0d%0a%bf%27'??? Error message found: Warning: inetpton function.inet-pton: Unrecognized address 12345'"\'\";|%00%0d%0a%00%bf%27' in...
Endian Firewall 3.0.0 - OS Command Injection (Python)
Endian Firewall 3.0.0 - OS Command Injection Python !/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and...
Cart Engine 3.0 - Multiple Vulnerabilities
=== Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially crafted HTTP request, it is possible to exploi...
Neon WebDAV Client Library 0.2x Format String Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10136/info It has been reported that the Neon client library is prone to multiple remote format string vulnerabilities. This issue is due to a failure of the application to properly implement format string functions...