Lucene search
K

43 matches found

0day.today
0day.today
added 2023/07/19 12:0 a.m.242 views

Vaidya-Mitra 1.0 - Multiple SQL injection Vulnerability

Title: Vaidya-Mitra 1.0 - Multiple SQLi Author: nu11secur1ty Vendor: https://mayurik.com/ Software: free: https://www.sourcecodester.com/php/16720/free-hospital-management-system-small-practices.html, https://mayurik.com/source-code/P5890/best-hospital-management-system-in-php Reference:...

7.1AI score
Exploits0
Prion
Prion
added 2023/05/27 5:15 a.m.24 views

Server side request forgery (ssrf)

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...

5CVSS5.2AI score0.00529EPSS
Exploits0References3Affected Software1
Nextcloud
Nextcloud
added 2023/05/25 9:26 a.m.87 views

Blind SSRF in the Mail app on avatar endpoint

None...

5.3CVSS5.5AI score0.00529EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2023/03/06 5:55 p.m.37 views

HackerOne: SQL Injection in CVE Discovery Search

Unsanitized user-controlled inputs in the CVE Discovery Search allowed for SQL injection, which could lead to the disclosure of data in the Analytics Database, including report, team, and asset data...

7.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/02/01 3:57 p.m.85 views

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

While following up our previous work on F5's BIG-IP devices, Rapid7 found an additional vulnerability in the appliance-mode REST interface; the vulnerability was assigned CVE-2023-22374. We reported it to F5 on December 6, 2022, and are now disclosing it in accordance with our vulnerability...

0.3AI score0.87987EPSS
Exploits9
UbuntuCve
UbuntuCve
added 2022/04/04 8:15 p.m.36 views

CVE-2022-1188

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible...

5.3CVSS6AI score0.01187EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/03/28 7:15 p.m.7 views

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...

9.1CVSS7.7AI score0.0112EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2022/03/02 12:0 a.m.379 views

CVE-2021-3772

CVE-2021-3772 affects the Linux kernel SCTP stack: a blind attacker who knows IPs/ports and can spoof packets can kill an existing SCTP association by sending invalid chunks. The connected advisories confirm the issue and point to a patch in the Linux kernel (commit 32f8807a48ae55be0e76880cfe8607...

6.5CVSS6.8AI score0.0124EPSS
Exploits0References8Affected Software1
Huntr
Huntr
added 2021/12/20 12:43 a.m.15 views

SQL Injection in tsolucio/corebos

Description coreBOS is vulnerable to Blind SQL Injections in parameter userviewtype which allows the attacker to execute SQL commands on the target database. it is a time-based attack in which the result of the query will be determined based on the time of the response. payload...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/14 12:0 a.m.328 views

Ticket Booking 1.0 SQL Injection

Title: Ticket Booking 1.0 suffer from SQL - Injenction Author: nu11secur1ty Date: 12.14.2021 Vendor: https://code-projects.org/ticket-booking-in-php-with-source-code/ Software: https://code-projects.org/ticket-booking-in-php-with-source-code/ Description: The password parameter appears to be...

Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/10 12:0 a.m.41 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:3641-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3641-1 advisory. The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

8.8CVSS7.1AI score0.01476EPSS
Exploits6References79
0day.today
0day.today
added 2021/10/06 12:0 a.m.248 views

Local Offices Contact Directory Site SQL Injection Vulnerability

Local Offices Contact Directory Site using PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability. Local Offices Contact Directory Site SQL Injection Vulnerability...

0.4AI score
Exploits0
CNVD
CNVD
added 2021/03/25 12:0 a.m.10 views

Doctor Appointment System SQL Injection Vulnerability

Sourcecodesterk Doctor Appointment System is a Sourcecodesterk open source application. Provides an appointment function . Doctor Appointment System version 1.0 suffers from an SQL injection vulnerability that originates from a remote blind SQL injection vulnerability in the name and email...

7.5CVSS7.8AI score0.07826EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2019/10/15 12:0 a.m.302 views

Podman / Varlink Remote Code Execution

!/usr/bin/python -- coding: UTF-8 -- pickletime.py Podman + Varlink Insecure Config Remote Exploit Jeremy Brown jbrown3264/gmail @ Oct 2019 ------- Details ------- Podman is container engine / platform similar to Docker supported by RedHat and Fedora with Varlink being a protocol to exchange...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2016/07/19 12:0 a.m.43 views

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/07/19 12:0 a.m.58 views

Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String

Exploit for multiple platform in category remote exploits !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following characteristic: - Heap Based...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/07/19 12:0 a.m.90 views

Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String

!/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following characteristic: - Heap Based Exploiting string located on the heap - Blind Attack No output...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2015/03/10 12:0 a.m.36 views

SDCMS 最新门户版 V3.0 储存型xss一枚 可盲打后台

简要描述: 严谨的说 是编辑器xss储存型漏洞 详细说明: 虚拟主机搭建测试: 需要条件: 开启会员注册默认开启 开启投稿功能(默认开启) 下载地址: http://www.sdcms.cn/product/portal.html 默认 开启会员注册 无需审核 原本想在demo上测试的 但是他开启审核了 ---------------------------------------- 注册个会员 找到在线投稿 选择文章模型 远程上传地址处 插入: " 提交 img...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/03/10 12:0 a.m.19 views

damicms绕过防xss规则盲打后台(v4.9)

简要描述: damicms绕过防xss规则盲打后台v4.9 详细说明: 前台留言的地方,使用了getclientip ,代码如下。 使用了 removexss 来做过滤,但是可以这样来绕过 之后就可以弹窗了 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/01/07 12:0 a.m.34 views

绕过startbbs防御继续盲打管理员(两种方法)

简要描述: startbbs已经对xss有过滤措施,但是有办法绕过。这里我依然以官方为demo作为测试,因为官方的是最新版。 详细说明: 问题出现在发帖的正文文本框:盲打的概率非常高的。 测试了常规的html代码,发现只剩下img标签,其他的都被过滤了,因此可以在img上能发挥作用的只有on系列的事件了。 测试尝试和之前那样 发布上面的代码,发现过滤成下面这样: 尝试用javascript:伪协议去触发:但是又被过滤成这样: 也就是常规的在敏感字符那加入x 来让事件等功能失效。 到了这一步,暂时没有了头绪。 过了几天之后忽然想到之前新浪邮箱的过滤方式也是如此。...

7.1AI score
Exploits0
Rows per page
Query Builder