4 matches found
Astra Linux – Vulnerability in sudo
In Sudo version 1.8.29, the fact that a user has been blocked for example, by using the “!” character in the shadow file instead of a password hash is not taken into consideration. This allows an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
Koprana CMS SQL Injection
http://www.mediafire.com/?ij9rfpfw6s7uzxf for windows only / load exploits/webapp/omiworldinjection.php set HOST target set MODE 1 for admin accounts/2 for all accounts set FILE save format TXT/SQL exploit !KopranaInjection @ HOST = localhost = Target URL @ PORT = 80 = Target Port @ PATH = / = We...