25 matches found
EUVD-2024-3548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-5202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program...
CVE-2022-41612
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shareaholic Similar Posts plugin = 3.1.6 versions...
CVE-2019-17431
An issue was discovered in fastadmin 1.0.0.20190705beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability...
Design/Logic Flaw
An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie admin-auth is stored on a victim's computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the victim's router...
CVE-2013-2645
CVE-2013-2645 affects the TP-LINK WR1043N router (firmware TL-WR1043ND_V1_120405). Multiple CSRF vulnerabilities allow remote attackers to hijack administrator authentication by crafting requests that alter FTP settings and bandwidth controls (e.g., shareEntire to enable FTP, nas_admin_pwd to cha...
lulieblog 1.2 - Multiple Vulnerabilities
No description provided by source. LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a reques...
[oss-security] CVE request: various NodeJS module vulnerabilities
Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...
Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability
Document Title: Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1081. Release Date: 2013-09-19. Vulnerability Laboratory ID (VL-ID): 108...
Edimax IC-3030iWn - UDP Packet Password Information Disclosure
Edimax IC-3030iWn - UDP Packet Password Information Disclosure source: https://www.securityfocus.com/bid/54006/info Edimax IC-3030iWn is prone to an information-disclosure vulnerability. Successful exploits will allow a remote attacker to gain access to sensitive information. Information obtained...
Edimax IC-3030iWn Web Admin Auth Bypass exploit
Exploit for hardware platform in category web applications This exploit against: - Edimax IC-3030i - Edimax IC-3015 - Airlive WN 500 #!/usr/bin/env python """ Exploit Title: Edimax IC-3030iWn Web Admin Auth Bypass exploit Date: 4 April 2012 Exploit Author: email protected, @y3dips URL:...
KLA10101 SB vulnerabilities in Cerberus FTP Server
A CSRF vulnerability was found in the Cerberus FTP Server. By exploiting this vulnerability malicious users can hijack the administrators’ auth. This vulnerability can be exploited from the network at a point related to the web interface. Original advisories - Related products Cerberus-FTP-Server...
Bintech Systems LLC SQL Injection
Exploit Title: Bintech Systems LLC Admin Auth Bypass Exploit Google Dork: "Powered By: Bintech Systems LLC" Date: 11-03-2012 Author: BLACK BURN BBHH Tested on: Linux Exploit : http://localhost/ptah/login.asp user: 'or''=' pass: 'or''=' Demo :...
Bintech Systems LLC SQL Injection
Exploit for asp platform in category web applications Exploit Title: Bintech Systems LLC Admin Auth Bypass Exploit Google Dork: "Powered By: Bintech Systems LLC" Date: 11-03-2012 Author: BLACK BURN BBHH Tested on: Linux Exploit : http://localhost/ptah/login.asp user: 'or''=' pass: 'or''=' Demo :...
Paddelberg Topsite Script Insecure Cookie
Exploit Title: Paddelberg's topsite-script admin auth bypass. Google Dork: intext:"powered by php scripte webmaster resource" Date: 8. 1. 2012 Author: Christian Inci Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/ Version: = 1.23 22. 9. 2007 Tested on: 1.23 Vendor...
Bintech Systems LLC Admin Auth Bypass Exploit
Exploit for php platform in category web applications. Exploit database separated by exploit type local, remote, DoS, etc. ...
Ez sitebuilder <= Admin Auth Bypass Vulnerability
Exploit for php platform in category web applications. Exploit-ID is the Exploit Information Disclosure Web :...
Concept Medya Admin Auth ByPass
Exploit for php platform in category web applications Exploit Title: Concept Medya Admin Auth ByPass Date: 13 June 2011 Author: CriminalCoder beyz4de.wordpress.com Category: webapps Google dork: inurl:loginkontrol.asp Tested on: Windows Xp SP3 Home: spyroot.in & rootarea.com + Default admin panel...
Xataface Admin Auth Bypass Vulnerability
Exploit for unknown platform in category web applications. Xataface Admin Auth Bypass Vulnerability...
XGuestBook 2.0 - Authentication Bypass
Author = FireShot, Jacopo Vuga. Mail = fireshotautisticiorg Vulnerability = SQL Admin Auth Bypass Software = XGuestBook v2.0 Download = http://script.wareseeker.com/download/xguestbook.rar/14488 Greets to = Osirys, Myral, str0ke CODE $user = $_POST['user']; $pass = md5($_POST['pass']); $result =...