Lucene search
+L

3116 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.150 views

Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...

7.8CVSS7AI score0.70202EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.182 views

MS06-019 Exchange MODPROP Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS06-019 Exchange MODPROP Heap Overflow', 'Description' = %q This module triggers a heap overflow vulnerability in MS Exchange that occurs when...

7.5CVSS7.4AI score0.78679EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.217 views

Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

4.6CVSS7AI score0.21556EPSS
Exploits3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/11 2:34 a.m.2 views

Malicious code in sap-bid (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aa1c86f9f2ee9904fe8a01496e46e71e811783b9cac1884b7f042a83f1610528 The OpenSSF Package Analysis project identified 'sap-bid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...

7.1AI score
Exploits0
OSV
OSV
added 2024/07/11 2:34 a.m.6 views

MAL-2024-7617 Malicious code in sap-bid (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aa1c86f9f2ee9904fe8a01496e46e71e811783b9cac1884b7f042a83f1610528 The OpenSSF Package Analysis project identified 'sap-bid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...

7.3AI score
Exploits0
NVD
NVD
added 2024/05/30 2:15 p.m.23 views

CVE-2024-5516

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely...

9.8CVSS6.8AI score0.00687EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.6 views

PT-2024-36487 · Unknown · Itsourcecode Online Blood Bank Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Blood Bank Management System version 1.0 Description: A critical issue was found in the itsourcecode Online Blood Bank Management System, affecting an unknown functionality of the file massage.php. The manipulation of the...

9.8CVSS8.1AI score0.00687EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.3 views

Online Blood Bank Management System SQL注入漏洞

Online Blood Bank Management System is an online blood bank management system. Itsourcecode Online Blood Bank Management System version 1.0 suffers from a SQL injection vulnerability that originates from the inclusion of an unknown function in massage.php, which leads to SQL injection via the...

9.8CVSS6.9AI score0.00687EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/03/01 12:0 a.m.19 views

Cisco NX-OS Software MPLS Encapsulated IPv6 DoS (cisco-sa-ipv6-mpls-dos-R9ycXkwM)

A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of prop...

8.6CVSS7.8AI score0.00926EPSS
Exploits0References5
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.14 views

Input Validation for 'createBid' Function

Lines of code Vulnerability details Potential Risk: The 'createBid' function in the contract is responsible for allowing users to place bids on a Verb auction by sending Ether. While the function includes several checks, it lacks explicit input validation for certain parameters, which could lead ...

6.9AI score
Exploits0
OSV
OSV
added 2023/11/14 10:15 p.m.5 views

CVE-2023-46022

SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...

7.8CVSS6AI score0.00795EPSS
Exploits4References1
Prion
Prion
added 2023/11/14 10:15 p.m.21 views

Sql injection

SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...

4.3CVSS8.7AI score0.00795EPSS
Exploits4References1Affected Software1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.5 views

Code-Projects Blood Bank Security Breach

Code-Projects Blood Bank is a blood bank system for the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0 that originated from allowing an attacker to run arbitrary SQL commands via the bid parameter in delete.php...

7.8CVSS7.6AI score0.00795EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2023/11/14 12:0 a.m.14 views

CVE-2023-46022

SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...

8.2AI score0.00795EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.6 views

PT-2023-29804 · Unknown · Code-Projects Blood Bank

Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands. This is achieved by exploiting the bid parameter in the delete.php file. Recommendations: For Code-Projects Blood Bank version 1.0...

7.8CVSS7.8AI score0.00795EPSS
Exploits4References3
CVE
CVE
added 2023/11/14 12:0 a.m.66 views

CVE-2023-46022

CVE-2023-46022 concerns Code-Projects Blood Bank v1.0, with a SQL Injection in delete.php via the bid parameter. The root cause is improper input handling in delete.php, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data exposure and unauthorized databas...

7.8CVSS8AI score0.00795EPSS
Exploits4References1Affected Software1
Code423n4
Code423n4
added 2023/11/13 12:0 a.m.7 views

cancelBid() and cancelAllBids() functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality.

Lines of code Vulnerability details Impact cancelBid and cancelAllBids functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality. bidder could lose funds when they change their mind and want to cancel their bid, imagine they were the top bidder a...

6.9AI score
Exploits0
GithubExploit
GithubExploit
added 2023/11/11 10:54 a.m.25 views

Exploit for SQL Injection in Code-Projects Blood_Bank

CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...

7.8CVSS8.4AI score0.00795EPSS
Exploits4
Prion
Prion
added 2023/11/10 4:15 p.m.15 views

Information disclosure

A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information...

5CVSS6.8AI score0.00959EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/10 3:31 p.m.25 views

CVE-2023-6076 PHPGurukul Restaurant Table Booking System Reservation Status booking-details.php information disclosure

A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information...

5.3CVSS7.6AI score0.00959EPSS
Exploits0References2
Rows per page
Query Builder