Lucene search
K

229 matches found

exploitpack
exploitpack
added 2018/10/29 12:0 a.m.60 views

Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection

Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Exploit Title: Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Softwar...

7.5CVSS0.5AI score0.03213EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/10/29 12:0 a.m.34 views

Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection

Exploit Title: Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...

9.8CVSS9.7AI score0.03213EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2018/09/27 12:0 a.m.5 views

November 2, 2017—KB4049370 (OS Build 15063.675)

November 2, 2017—KB4049370 OS Build 15063.675 Improvements and fixes This release is intended for Microsoft Surface Laptop audiences only. This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where...

7.5AI score
Exploits0
NVD
NVD
added 2017/11/15 4:29 p.m.21 views

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

5.3CVSS5.3AI score0.00561EPSS
Exploits4References3
OSV
OSV
added 2017/11/15 4:29 p.m.5 views

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

5.3CVSS5.8AI score0.00561EPSS
Exploits4References3
Prion
Prion
added 2017/11/15 4:29 p.m.16 views

Default credentials

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

2.1CVSS5.3AI score0.00561EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2017/11/15 4:0 p.m.23 views

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

5.4AI score0.00561EPSS
Exploits4References3
Microsoft KB
Microsoft KB
added 2017/10/16 7:0 a.m.74 views

October 10, 2017—KB4041681 (Monthly Rollup)

October 10, 2017—KB4041681 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4038803 released September 19, 2017 and resolves the following issues: Addressed issue with docking and undocking Internet Explorer windows. Addressed...

10CVSS8.5AI score0.64132EPSS
Exploits13
Packet Storm
Packet Storm
added 2017/05/23 12:0 a.m.192 views

Simple ASC CMS 1.2 Cross Site Scripting

Document Title: =============== Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2072 Release Date: ============= 2017-05-21 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/05/21 12:0 a.m.83 views

Simple ASC CMS v1.2 - (Guestbook) Persistent Vulnerability

Document Title: =============== Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2072 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15947 CVE-ID: ======= CVE-2017-15947 Release Date:...

3.5CVSS5.9AI score0.00523EPSS
Exploits3
Hacker One
Hacker One
added 2017/02/09 3:55 p.m.15 views

U.S. Dept Of Defense: Access to job creation web page on http://████████

Summary: Hi DoD Team ! It looks like we may access to an ASP form on http://███ which enables any unauthenticated web user to create new jobs in the website database without any control. Furthermore, it seems that asp files are created with txt extensions too that enable the files to be readable...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/04/25 12:0 a.m.70 views

XYCMS健身会所建站系统 v1.1 jsxm_detail.asp 参数id SQL注入漏洞

0x01漏洞简介 XYCMS健身会所建站系统采用asp+access架构。其v1.1版本在/jsxmdetail.asp处对参数id 过滤不严,导致出现SQL注入漏洞。 0x02漏洞详情 该系统默认存在一个管理员数据表adminuser,该表包含管理员名称字段admin和密码 md5加密字段password,远程攻击者可以结合union方式获取敏感信息,登陆后台,上传shell。 0x03修复方案 过滤。...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/02/11 12:0 a.m.124 views

Yeager CMS 1.2.1 File Upload / SQL Injection / XSS / SSRF

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Yeager CMS vulnerable version: 1.2.1 fixed version: 1.3 CVE number: CVE-2015-7567,...

0.5AI score0.08439EPSS
Exploits9
exploitpack
exploitpack
added 2015/12/10 12:0 a.m.15 views

Avast! - JetDb::Ised4x Performs Unbounded Search on Input

Avast! - JetDb::Ised4x Performs Unbounded Search on Input Source: https://code.google.com/p/google-security-research/issues/detail?id=551 The attached Microsoft Access Database causes JetDb::IsExploited4x to be called, which contains an unbounded search for objects. Proof of Concept:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/12/10 12:0 a.m.18 views

Avast! - JetDb::Ised4x Performs Unbounded Search on Input

Source: https://code.google.com/p/google-security-research/issues/detail?id=551 The attached Microsoft Access Database causes JetDb::IsExploited4x to be called, which contains an unbounded search for objects. Proof of Concept:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

SmartWin CyberOffice Shopping Cart 2.0 Client Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1734/info Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for e-commerce enabled websites running Windows NT 4.0 or 2000. It is possible for a remote user to gain read access to the private...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Web Wiz Forum 6.34 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7380/info Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Forum application...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Image gallery with Access Database dispimage.asp id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21131/info Image gallery with Access Database is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

ASPSiteware Recipe Organizer SQL Injection

No description provided by source. Author: R4dc0re Exploit Title: ASPSiteware Recipe Organizer SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:50$ Contact: [email protected] Website: www.1337db.com Greetings to:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

ASPSiteware Contact Directory 1.0 - SQL Injection

No description provided by source. Author: R4dc0re Exploit Title: ASPSiteware Contact Directory SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:40$ Contact: [email protected] Website: www.1337db.com Greetings to:...

7.1AI score
Exploits0
Rows per page
Query Builder