Zoo Management System /admin/edit-animal-details.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aname in the file /admin/edit-animal-details.php. An attacker can exploit this...

PT-2024-38506 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A problematic issue was found in the file add act.php, where the manipulation of the aname argument leads to cross-site scripting. The attack can be launche...

Advocate Office Management System SQL Injection Vulnerability

Advocate Office Management System is an office management system by Mayuri K. Individual Developer. A SQL injection vulnerability exists in Advocate Office Management System version 1.0, which stems from the parameter aname in the file /control/addact.php that can lead to SQL injection...

PT-2024-5264 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been identified in the system, specifically affecting the /control/add act.php file. The manipulation of the aname argument leads to SQ...

Malicious code in sap-aname (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e298494a36dfcae17dfb9e4f49d1a8d264ad8f57b8c702eb090eb3f61c5dd02 The OpenSSF Package Analysis project identified 'sap-aname' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7638 Malicious code in sap-aname (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e298494a36dfcae17dfb9e4f49d1a8d264ad8f57b8c702eb090eb3f61c5dd02 The OpenSSF Package Analysis project identified 'sap-aname' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

CVE-2024-25306

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...

PT-2024-20875 · Code Projects · Code-Projects Simple School Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the aname parameter at the "School/index.php" endpoint. This could potentially lead to unauthorized access to sensitive data...

CVE-2024-25306

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...

Prototype Pollution

Overview fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries Affected versions of this package are vulnerable to Prototype Pollution due to improper argument validation, which is exploitable via the aName variable. PoC js const XMLParser, XMLBuilder, XMLValidator...

Snapchat: Subdomain takeover of blog.snapchat.com

Overview The ANAME for blog.snapchat.com, which redirects to snapchat-blog.com, was pointing to tumblr for Snapchat's blog. This blog had been expired or had removed the CNAME claim. Adding "snapchat-blog.com" to the custom domain setting on tumblr allowed takeover of this subdomain. Repro Steps ...

Windows Manage Privilege Based Process Migration

This module will migrate a Meterpreter session based on session privileges. It will do everything it can to migrate, including spawning a new User level process. For sessions with Admin rights: It will try to migrate into a System level process in the following order: ANAME if specified,...