11 matches found
Malicious code in sap-adminpass (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6cb3a6c9207dbd171426502a8980c0c182bcd9c5150388ffe4689447f011376a The OpenSSF Package Analysis project identified 'sap-adminpass' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
TOTOLINK CP900 command injection vulnerability
The TOTOLINK CP900 is a wireless router from China-based TOTOLINK. A security vulnerability exists in the TOTOLINK CP900 due to a command injection issue in the adminuser and adminpass parameters of the setPasswordCfg function...
PT-2023-12948 · Totolink · Totolink Outdoor Cpe Cp900
Name of the Vulnerable Software and Affected Versions: TOTOLink outdoor CPE CP900 version 6.3c.566 B20171026 Description: The issue concerns a command injection vulnerability in the setPasswordCfg function, which can be exploited via the adminuser and adminpass parameters. This allows attackers t...
CVE-2022-29588
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files...
Omegle Clone - SQL Injection
Exploit Title: Omegle Clone - SQL Injection Google Dork: N/A Date: 18.03.2017 Vendor Homepage: http://turnkeycentral.com/ Software: http://www.turnkeycentral.com/scripts/omegle-clone/ Demo: http://demo.turnkeycentral.com/omegleclone/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author...
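ewebeditor PHP & ASP versions: admin backend authentication bypass vulnerability
eWebEditor is a WYSIWYG online editor. As the name suggests, it provides WYSIWYG editing on the web for word-processing tasks such as illustrated articles, news, discussion posts, announcements and notes. The user authentication in the ../ewebeditor/admin/config.php file has a serious security flaw that allows authentication to be skipped entirely and administrator privileges to be obtained. php v3.8 asp v2.8 None yet. Please refer to the official patch. First, of course, find the admin login page, which by default is ../eWebEditor/admin/login.php; once there, enter any username and password, which will of course produce an error. Then clear the browser's URL and enter...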
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities. Script: Mobilelib Gold. Version: 3.0. Language: PHP. Site:...
Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities
No description provided by source. Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities. Script: Mobilelib Gold. Version: 3.0...
MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities...
CVE-2006-4736
The CVE-2006-4736 entry describes multiple SQL injection vulnerabilities in index.php of CMS.R. 5.5, allowing remote attackers to execute arbitrary SQL commands via the adminname and adminpass parameters. The root cause is SQL injection in the affected PHP script, leading to potential data exposu...