Wecodex Hotel CMS 1.0 - Admin Login SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/hotel-management-system-in-php-and-mysql/7 Version: 1.0...

PHP Dashboards 4.5 SQL Injection

Exploit 1 of 2: Exploit Title: PHP Dashboards v4.5 - Registration Page SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://codecanyon.net/item/php-dashboards-v40-collaborative-social-dashboards/19314871 Version: v4.5 Category: Webapps Tested...

Apache ZooKeeper Security Bypass Vulnerability

Apache Zookeeper is a software project of the U.S. Apache Apache Software Foundation, which can provide open source distributed configuration services, synchronization services and naming registry for large-scale distributed computing. A security vulnerability exists in Apache ZooKeeper versions...

CVE-2018-11096

Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely...

SAP NetWeaver suffers from unspecified SQL injection vulnerability (CNVD-2018-14849)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. SAP NetWeaver suffers from an unspecified SQL injection vulnerability that arises from failure to adequately...

OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

Oracle Financial Services Applications Financial Services Basel Regulatory Capital Basic Component Unauthorized Operation Vulnerability (CNVD-2018-10744)

Oracle Financial Services Applications is a suite of financial services software from Oracle Corporation that combines core banking, online banking, and estate management.Financial Services Basel Regulatory Capital Basic is one of the Basel-based capital adequacy management component. A security...

Oracle Hospitality Applications Hospitality Reporting and Analytics Component Unauthorized Operation Vulnerability

Oracle Hospitality Applications is a suite of business applications, servers, and storage solutions for hotel management from Oracle Corporation. The solution provides human resources cost management, provide customer service throughout the journey tracking management to improve customer...

Oracle Financial Services Applications FLEXCUBE Core Banking Component Unauthorized Operation Vulnerability

Oracle Financial Services Applications is a set of Oracle's core banking, online banking and property management financial services software. FLEXCUBE Core Banking is one of the core banking components. A security vulnerability exists in the Securities subcomponent of the FLEXCUBE Core Banking...

Oracle Adaptive Access Manager Component Remote Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other capabilities.Adaptive Access Manager is one of the authentication components. A security...

Oracle Banking Corporate Lending Component Remote Vulnerability

Oracle Financial Services Applications is the United States Oracle Oracle company's set of core banking, online banking and property management in one of the financial services software. Banking Corporate Lending is one of the bank loan management components. A security vulnerability exists in th...

Oracle Access Manager Component Remote Vulnerability (CNVD-2018-09094)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other capabilities.Access Manager is one of the components that provides identity management,...

mysql: InnoDB unspecified vulnerability (CPU Apr 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Apache Fineract SQL Injection Vulnerability (CNVD-2018-08693)

Apache Fineract is the United States Apache Apache Software Foundation's set of open source digital financial services platform. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. An SQL injection...

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with...

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2018-2870

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite subcomponent: General Utilities. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

CVE-2018-2862

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications subcomponent: User Interface. Supported versions that are affected are 13.3.8, 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...