WordPress Ninja Forms Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Ninja Forms Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
WordPress Plugin Video Player 1.5.16 - SQL Injection
WordPress Plugin Video Player 1.5.16 - SQL Injection. Multiple SQL injection vulnerabilities in WordPress Video Player. Abstract: It was discovered that WordPress Video Player is affected by multiple blind SQL injection vulnerabilities. Using these issues it is possible for a logged on Contribut...
Nagios XI SQL Injection (CVE-2018-8734)
An SQL injection vulnerability exists in Nagios XI. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The...
CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval
Exploit for multiple platform in category web applications CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The PowerPanel® Business Editi...
Silicon Graphics LibTiff Heap Buffer Overflow Vulnerability
Silicon Graphics LibTiff is a library for reading and writing TIFF (Tagged Image File Format) files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A heap buffer overflow vulnerability exists in the libtiff/tifpixarlog.c file in...
Bomgar Remote Support - Unauthenticated Code Execution (Metasploit)
Exploit for linux platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q Thi...
Bomgar Remote Support - Code Execution (Metasploit)
Bomgar Remote Support - Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This...
Bomgar Remote Support Unauthenticated Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This module exploits a vulnerability in the Bomgar Remote...
Bomgar Remote Support - Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This module exploits a vulnerability in the Bomgar Remote...
WordPress Booking Calendar Contact Form Plugin SQL injection
An SQL injection exists in the WordPress Booking Calendar Contact Form Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
WordPress SP Projects and Document Manager Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress SP Projects and Document Manager Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
FreeBSD : hostapd and wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written (967b852b-1e28-11e6-8dd3-002590263bf5)
Jouni Malinen reports: psk configuration parameter update allowing arbitrary data to be written 2016-1 - CVE-2016-4476/CVE-2016-4477. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database:...
hostapd -- multiple vulnerabilities
Jouni Malinen reports: EAP-pwd missing last fragment length validation. 2015-7 - CVE-2015-5315 psk configuration parameter update allowing arbitrary data to be written. 2016-1 - CVE-2016-4476...
hostapd and wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written
Jouni Malinen reports: psk configuration parameter update allowing arbitrary data to be written 2016-1 - CVE-2016-4476/CVE-2016-4477...
MyBB < 1.8.7 Multiple Vulnerabilities
ManageEngine Firewall Analyzer < 12.0 Multiple Vulnerabilities
The version of ManageEngine Firewall Analyzer running on the remote web server is prior to 12.0. It is, therefore, affected by multiple vulnerabilities: - A SQL injection vulnerability exists in the runQuery.do script due to improper sanitization of user-supplied input to the 'RunQuerycommand'...
Exploit for CVE-2016-0040
cve-2016-0040 poc for cve-2016-0040 bug found and exp...
BlackBerry Enterprise Service Multiple Vulnerabilities (BSRT-2016-001)
According to its version, the BlackBerry Enterprise Service (BES) install on the remote host is older than 12.4. It is, therefore, affected by the following vulnerabilities: - A SQL injection vulnerability exists due to improper sanitization of user-supplied input to the 'ImageName' parameter in th...
Solr 3.5.0 - Arbitrary Data Deletion
Exploit for java platform in category web applications Exploit Title: All Solr Data Can Be Delete Google Dork: intext:Schema Config Analysis Schema Browser Statistics Info Distribution Ping Logging Date: 5/2/2016 Exploit Author: N37 Myanmar Vendor Homepage: http://lucene.apache.org/solr/ Software...