Online Restaurant Management System 注入漏洞

Online Restaurant Management System is a Code-projects open source online restaurant management system. An injection vulnerability exists in Online Restaurant Management System version 1.0, which originates from improper handling of parameter IDs in the /admin/userupdate.php file, which can lead ...

FeehiCMS 代码问题漏洞

FeehiCMS is a Php-based CMS builder. FeehiCMS version 2.0.8 has an arbitrary file upload vulnerability that can be exploited by remote attackers to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component...

XXL-JOB vulnerable to Cross-site Scripting

XXL-JOB com.xuxueli:xxl-job versions 2.4.0 and earlier are vulnerable to cross-site scripting XSS. An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

HTML Injection

Overview com.xuxueli:xxl-job is a distributed task scheduling framework. Affected versions of this package are vulnerable to HTML Injection. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update. Details Cross-site scripting or XSS is a code...

M/Monit 3.7.4 - Privilege Escalation

Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...

M/Monit 3.7.2 - Privilege Escalation

!/usr/env/python3 """ Vulnerability title: M/Monit = 3.7.2 - Privilege Escalation Author: Dolev Farhi Vulnerable version: 2.0.151021 Link: https://mmonit.com Date: 2/17/2019 """ import sys import requests MMONITURL = 'http://ip.add.re.ss:8080' MMONITUSER = 'monit' Default built in unprivileged us...