EUVD-2018-11939

Malware in sbrugna...

D-link ten vulnerabilities 0Day studies attach detailed procedures-vulnerability warning-the black bar safety net

Security researcher Pierre Kim recently revealed the D-Link DIR 850LAC1200-Type Dual-Band Gigabit cloud router is exposed 10 a safety score comprisesXSSattack invasion, shortage of proper firmware cover, back door and root mention the right. Here are 10 Safety scores are: Firmware to. The firmwar...

Moxa Won't Patch Publicly Disclosed Flaws Until August

Update A number of publicly disclosed vulnerabilities in Moxa networking gear won’t be patched until August, if at all, according to an alert published on Friday by the Industrial Control System Cyber Emergency Response Team ICS-CERT. Researcher Joakim Kennedy of Rapid7 disclosed in March some...

TurboMail 前台sql注入漏洞

简要描述： 前台注入存在注入，可查看管理员密码甚至getshell。 详细说明： 0x1 前台注入 turbomail\web\webapps\ROOT\enterprise\noteadd.jsp: ... UserInfo userinfo = ms.userinfo; if userinfo == null XInfo.gotoInfoms,request,response,"info.loginfail",null,0; return; String id = request.getParameter"id";//id参数传入，没有过滤 Note note = null;...

ShopEx4.85最新版本SQL注入【1】

简要描述： ShopEx4.85最新版本SQL注入，无需登录，过GPC，可直接查询管理员密码并回显 详细说明： 啥都不说了，直接上利用代码，将下面的html另存为一个html文件，修改localhost部分为站点的真实地址： None 漏洞证明：...

Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (2)

Uploader by CeleronDude 5.3.0 - Arbitrary File Upload 2 Uploader by CeleronDude 5.3.0 - Upload Vulnerability Discovered by : Stink' Date : 2009-12-17 for upload. 2010-01-17 for Settings.db retrieve password. Dork : "Uploader by CeleronDude." Website Publisher :...

phosheezy 2.0 Remote Command Execution Exploit

Exploit for unknown platform in category web applications ============================================== phosheezy 2.0 Remote Command Execution Exploit ============================================== !/usr/bin/perl phosheezy 2.0 http://www.ryneezy.net/apps/phosheezy/phosheezy-v0.2.tar.gz Remote...

Affiliate Directory - cat_id SQL Injection

Affiliate Directory - catid SQL Injection --==+================================================================================+==-- --==+ Affiliate Directory SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8u...

Realtor 747 - index.php?categoryId SQL Injection

Realtor 747 - index.php?categoryId SQL Injection --==+================================================================================+==-- --==+ Realtor 747 SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZ...

PHPCollab 2.x NetOffice 2.x - sendpassword.php SQL Injection

PHPCollab 2.x NetOffice 2.x - sendpassword.php SQL Injection !/usr/bin/php -q -d shortopentag=on works with magicquotesgpc = Off\r\n\r\n"; echo "a googledork: intitle:phpcollab|netoffice "index of" -www-apps -php-collab.org -ext:xml\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path email...

CVE-2004-2024

The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via passwordforgotten.php...