8064 matches found

Exploit DB
added 2023/04/06 12:0 a.m. | 260 views

Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure

Exploit Title: Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirag...

AI score 7.4
Exploits 0

OSV
added 2023/04/06 12:0 a.m. | 40 views

ALSA-2023:1673 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

CVSS 9.8 | AI score 8.8 | EPSS 0.67011
Exploits 5 | References 4

Exploit DB
added 2023/04/06 12:0 a.m. | 244 views

Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection

Exploit Title: Osprey Pump Controller 1.0.1 - eventFileSelected Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021...

AI score 7.4
Exploits 0

Exploit DB
added 2023/04/06 12:0 a.m. | 261 views

Simple Task Managing System v1.0 - SQL Injection (Unauthenticated)

Exploit Title: Simple Task Managing System v1.0 - SQL Injection Unauthenticated Date: 2022-01-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html Software Link:...

CVSS 9.8 | AI score 9.7 | EPSS 0.64022
Exploits 5

Packet Storm
added 2023/04/05 12:0 a.m. | 387 views

Sales Tracker Management System 1.0 Cross Site Scripting

Exploit Title: Sales Tracker Management System v1.0 - One click account takeover XSS Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 CVE: CVE-2023-26773 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...

AI score 6.5 | EPSS 0.00232
Exploits 2

Packet Storm
added 2023/04/05 12:0 a.m. | 240 views

Sales Tracker Management System 1.0 Insecure Direct Object Reference

Exploit Title: Sales Tracker Management System v1.0 - Sensitive information disclosure CVE: CVE-2023-26774 Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...

AI score 7.7 | EPSS 0.00562
Exploits 1

0day.today
added 2023/04/05 12:0 a.m. | 233 views

Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated) Vulnerability

Exploit Title: Online Eyewear Shop 1.0 - SQL Injection Unauthenticated Exploit Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com/php/16089/online-eyewear-shop-website-using-php-and-mysql-free-download.html Software Link:...

AI score 6.8
Exploits 0

Exploit DB
added 2023/04/05 12:0 a.m. | 166 views

Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated)

Exploit Title: Online Eyewear Shop 1.0 - SQL Injection Unauthenticated Date: 2023-01-02 Exploit Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com/php/16089/online-eyewear-shop-website-using-php-and-mysql-free-download.html Software Link:...

AI score 7.4
Exploits 0

OSV
added 2023/04/03 7:18 p.m. | 13 views

GHSA-33PV-VCGH-JFG9 Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files

Impact A memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A user with access to upload images or documents through the Wagtail admin interface could upload a fi...

CVSS 5.9 | AI score 5 | EPSS 0.013
Exploits 0 | References 11

Prion
added 2023/04/03 2:15 p.m. | 23 views

Null pointer dereference

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

CVSS 5 | AI score 7.3 | EPSS 0.00113
Exploits 0 | References 7 | Affected Software 1

Cvelist
added 2023/04/03 1:19 p.m. | 20 views

CVE-2023-28625 mod_auth_openidc core dump when OIDCStripCookies is set and an empty Cookie header is supplied

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

CVSS 7.5 | AI score 7.6 | EPSS 0.00113
Exploits 0 | References 7

OSV
added 2023/04/03 1:19 p.m. | 27 views

CVE-2023-28625 mod_auth_openidc core dump when OIDCStripCookies is set and an empty Cookie header is supplied

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

CVSS 7.5 | AI score 6.7 | EPSS 0.00113
Exploits 0 | References 9

CVE
added 2023/04/03 1:19 p.m. | 216 views

CVE-2023-28625

The CVE-2023-28625 entry concerns mod_auth_openidc (OpenID Connect Relying Party module for Apache). Affected versions 2.0.0–2.4.13.1 contain a NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied, leading to a segmentation fault and an availability risk. ...

CVSS 7.5 | AI score 7.5 | EPSS 0.00113
Exploits 0 | References 7 | Affected Software 1

Debian CVE
added 2023/04/03 1:19 p.m. | 50 views

CVE-2023-28625

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

CVSS 7.5 | AI score 7.5 | EPSS 0.00113
Exploits 0

Github Security Blog
added 2023/04/03 9:30 a.m. | 30 views

Apache James server's JMX management service vulnerable to privilege escalation by local user

Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...

CVSS 7.8 | AI score 7.7 | EPSS 0.01164
Exploits 0 | References 4 | Affected Software 1

Vulnrichment
added 2023/04/03 7:59 a.m. | 14 views

CVE-2023-26269 Apache James server: Privilege escalation through unauthenticated JMX

Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...

AI score 7.8 | EPSS 0.01164
Exploits 0 | References 2

UbuntuCve
added 2023/04/03 12:0 a.m. | 29 views

CVE-2023-28625

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

CVSS 7.5 | AI score 6.6 | EPSS 0.00113
Exploits 0 | References 6

Packet Storm
added 2023/04/03 12:0 a.m. | 13064 views

Apache 2.4.x Buffer Overflow

Exploit Title: Apache 2.4.x - Buffer Overflow Date: Jan 2 2023 Exploit Author: Sunil Iyengar Vendor Homepage: https://httpd.apache.org/ Software Link: https://archive.apache.org/dist/httpd/ Version: Any version less than 2.4.51. Tested on 2.4.50 and 2.4.51 Tested on: Server Kali, Client MacOS...

CVSS 9.8 | AI score 9.6 | EPSS 0.86227
Exploits 4

0day.today
added 2023/03/31 12:0 a.m. | 147 views

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

AI score 7.4
Exploits 0

0day.today
added 2023/03/31 12:0 a.m. | 250 views

Bludit 3-14-1 Plugin (UploadPlugin) - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...

AI score 7.1
Exploits 0