CVE-2021-41878

A reflected cross-site scripting XSS vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...

CVE-1999-0712

A vulnerability in Caldera Open Administration System COAS allows the /etc/shadow password file to be made world-readable...

EUVD-2004-0049

Malware in sbrugna...

EUVD-1999-0693

Malware in sbrugna...

CVE-2022-30860

FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel...

CVE-2022-30860

FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel...

CVE-2022-30860

FUDforum 3.1.2 is vulnerable to remote code execution via the Upload File feature of the File Administration System in the Admin Control Panel. Connected advisories and vendor pages consistently describe an arbitrary file upload vulnerability that could allow code execution on affected systems. S...

CVE-2022-30860

FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel...

ShinHer StudyOnline System License Issue Vulnerability

ShinHer StudyOnline System is a school administration system from ShinHer, China. " feature is not controlled by permissions. An attacker could use this vulnerability to access other users' message board content by setting URL parameters after logging in with user privileges...

ShinHer StudyOnline System Cross-Site Scripting Vulnerability

ShinHer StudyOnline System is a school administration system from ShinHer, a Chinese company. special characters in the title parameter. An attacker could use this vulnerability to inject JavaScript and execute a stored XSS attack after logging in with user privileges...

i-Panel Administration System 2.0 Cross Site Scripting

Exploit Title: i-Panel Administration System 2.0 - Reflected Cross-site Scripting XSS Date: 04.10.2021 Exploit Author: Forster Chiu Vendor Homepage: https://www.hkurl.com Version: 2.0 Tested on: Chrome, Edge and Firefox CVE: CVE-2021-41878 Reference:...

CVE-2021-41878

A reflected cross-site scripting XSS vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...

VA MAX 8.3.4 - (Authenticated) Remote Code Execution

VA MAX 8.3.4 - Authenticated Remote Code Execution root@nippur:/home/c/src/nippur cat vamax3.py !/usr/bin/env python quick poc for postauth rce bug in va max 8.3.4 more: https://code610.blogspot.com 10.02.2019 p.s. listening on any 4444 ... 192.168.1.126: inverse host lookup failed: Unknown host...

Dredge School Administration System - DSMloader.php Account Information Disclosure

Dredge School Administration System - DSMloader.php Account Information Disclosure source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery...

Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure

source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An information-disclosure...

webERP 4.08.1 - LocalRemote File Inclusion

webERP 4.08.1 - LocalRemote File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-06-27 webERP = 4.08.1 Local/Remote File Inclusion Vulnerability Script:...

Restaurant SQL Injection Vulnerability

Exploit for php platform in category web applications ====================================== Restaurant SQL Injection Vulnerability ====================================== Author: L0rd CrusAd3r aka VSN email protected Exploit Title: Full Site for Restaurant SQL Injection Vulnerability Vendor...

Debian Security Advisory DSA 143-1 (krb5)

The remote host is missing an update to krb5 announced via advisory DSA 143-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

Unspecified vulnerability in the Settings component in the administration system in Jeebles Directory 2.9.60 allows remote authenticated administrators to execute arbitrary PHP code via unspecified vectors related to settings.inc.php. NOTE: the provenance of this information is unknown; the detai...

CVE-2007-5705

Unspecified vulnerability in the Settings component in the administration system in Jeebles Directory 2.9.60 allows remote authenticated administrators to execute arbitrary PHP code via unspecified vectors related to settings.inc.php. NOTE: the provenance of this information is unknown; the detai...