23 matches found
CVE-2026-24840
Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...
EUVD-2007-0789
Malware in sbrugna...
EUVD-2014-4794
Malware in sbrugna...
EUVD-2022-52365
Malicious code in bioql PyPI...
EUVD-2023-30368
Malicious code in bioql PyPI...
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...
CVE-2024-4300
E-WEBInformationCo. FS-EZViewerWeb exposes sensitive information in the service. A remote attacker can obtain the database configuration file path through the webpage source code without login. Accessing this path allows attacker to obtain the database credential with the highest privilege and...
Jedox 2022.4.2 Database Credential Disclosure
Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...
Jedox 2020.2.5 Database Credential Disclosure
Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...
Sql injection
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...
Exponent CMS 2.6 Cross Site Scripting / Brute Force
Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...
WordPress Plugin Google Document Embedder - Arbitrary File Disclosure (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rbmysql' class Metasploit3 'WordPress Plugin...
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
This Metasploit module exploits an arbitrary file disclosure flaw in the WordPress blogging software plugin known as Google Document Embedder. The vulnerability allows for database credential disclosure via the /libs/pdf.php script. The Google Document Embedder plug-in versions 2.4.6 and below ar...
WordPress Google Document Embedder Arbitrary File Disclosure
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rbmysql' class Metasploit3 'WordPress Plugin...
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
This module exploits an arbitrary file disclosure flaw in the WordPress blogging software plugin known as Google Document Embedder. The vulnerability allows for database credential disclosure via the /libs/pdf.php script. The Google Document Embedder plug-in versions 2.4.6 and below are vulnerabl...
blogparticle-traverse.txt
/////// Blog Particle 8.0 Directory Traversal,Database credential \\\\ by: e.wiZz!Site: madspot.org Info: cybernetic is Gay Hacker ah ah ah ah. You are shame for .hr In the wild..... Vendor: blogparticle.comDork: "powered by BP Blog 8.0"Download: http://blog.betaparticle.com/uploads/blog8.0.zip...
singapore-database.txt
Singapore 0.10.1 Directory Traversal vulnerability/Database credential exploit Discovered by: e.wiZz! Site: madspot.org Info: no info today,sorry :D / Script site: http://www.sgal.org/ Download:...
PHP <= 4.3.9 & phpBB 2.x with unserialize() Remote Exploit (compiled)
Exploit for unknown platform in category web applications ===================================================================== PHP tested : phpbbmemorydump.exe "http://site.com/phpbb/" 30000 -cookiename=phpbb2support a.txt result: - string detected : /home/virtual/site.com/phpBB/config.php -...