3116 matches found
Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...
MS06-019 Exchange MODPROP Heap Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS06-019 Exchange MODPROP Heap Overflow', 'Description' = %q This module triggers a heap overflow vulnerability in MS Exchange that occurs when...
Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...
Malicious code in sap-bid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aa1c86f9f2ee9904fe8a01496e46e71e811783b9cac1884b7f042a83f1610528 The OpenSSF Package Analysis project identified 'sap-bid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...
MAL-2024-7617 Malicious code in sap-bid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aa1c86f9f2ee9904fe8a01496e46e71e811783b9cac1884b7f042a83f1610528 The OpenSSF Package Analysis project identified 'sap-bid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...
CVE-2024-5516
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely...
PT-2024-36487 · Unknown · Itsourcecode Online Blood Bank Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Blood Bank Management System version 1.0 Description: A critical issue was found in the itsourcecode Online Blood Bank Management System, affecting an unknown functionality of the file massage.php. The manipulation of the...
Online Blood Bank Management System SQL注入漏洞
Online Blood Bank Management System is an online blood bank management system. Itsourcecode Online Blood Bank Management System version 1.0 suffers from a SQL injection vulnerability that originates from the inclusion of an unknown function in massage.php, which leads to SQL injection via the...
Cisco NX-OS Software MPLS Encapsulated IPv6 DoS (cisco-sa-ipv6-mpls-dos-R9ycXkwM)
A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of prop...
Input Validation for 'createBid' Function
Lines of code Vulnerability details Potential Risk: The 'createBid' function in the contract is responsible for allowing users to place bids on a Verb auction by sending Ether. While the function includes several checks, it lacks explicit input validation for certain parameters, which could lead ...
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
Sql injection
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
Code-Projects Blood Bank Security Breach
Code-Projects Blood Bank is a blood bank system for the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0 that originated from allowing an attacker to run arbitrary SQL commands via the bid parameter in delete.php...
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
PT-2023-29804 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands. This is achieved by exploiting the bid parameter in the delete.php file. Recommendations: For Code-Projects Blood Bank version 1.0...
CVE-2023-46022
CVE-2023-46022 concerns Code-Projects Blood Bank v1.0, with a SQL Injection in delete.php via the bid parameter. The root cause is improper input handling in delete.php, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data exposure and unauthorized databas...
cancelBid() and cancelAllBids() functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality.
Lines of code Vulnerability details Impact cancelBid and cancelAllBids functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality. bidder could lose funds when they change their mind and want to cancel their bid, imagine they were the top bidder a...
Exploit for SQL Injection in Code-Projects Blood_Bank
CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...
Information disclosure
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information...
CVE-2023-6076 PHPGurukul Restaurant Table Booking System Reservation Status booking-details.php information disclosure
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information...