EUVD-2025-203932

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

EUVD-2021-0541

Malware in sbrugna...

CVE-2023-29516

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on XWiki.AttachmentSelector can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is imprope...

Cross site scripting

Cross-site Scripting XSS vulnerability in BlueSpiceDiscovery skin of BlueSpice allows logged in user with edit permissions to inject arbitrary HTML into the default page header of a wikipage...

CVE-2022-39026

U-Office Force UserDefault page has insufficient filtering for special characters in the HTTP header fields. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform XSS Stored Cross-Site Scripting attack...

UBUNTU-CVE-2020-35572

Adminer through 4.7.8 allows XSS via the history parameter to the default URI...

How to make a Storefront Store as the default page

This article describes how to make a StoreFront Web Site the default page within the IIS site...

U.S. Dept Of Defense: Default page exposes admin functions and all metods and classes available. on https://██████/█████/dwr/index.html

Summary: https://████/██████/dwr/index.html is a default installation page of DWR engine that exposes all classes and methods available to the user. Description: https://█████████/██████████/dwr/index.html is a default installation page of DWR engine that exposes all classes and methods available...

Netsparker v3.5 - Web Application Security Scanner

Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...

ZyXEL Router P-660HN-T1A - Login Bypass

No description provided by source. Exploit Title: ZyXEL Router P-660HN-T1A - Login Bypass Date: 11/03/2013 Exploit Author: Michael Grifalconi [email protected] Vendor Homepage: http://www.zyxel.com/productsservices/p660hntxaseries.shtml?t=p Version: 3.40BYF.5 - Last avaiable If someo...

ZYXEL P-660HN-T1A Router - Authentication Bypass

ZYXEL P-660HN-T1A Router - Authentication Bypass Exploit Title: ZyXEL Router P-660HN-T1A - Login Bypass Date: 11/03/2013 Exploit Author: Michael Grifalconi Vendor Homepage: http://www.zyxel.com/productsservices/p660hntxaseries.shtml?t=p Version: 3.40BYF.5 - Last avaiable If someone is logged on t...

ZYXEL P-660HN-T1A Router - Authentication Bypass

Exploit Title: ZyXEL Router P-660HN-T1A - Login Bypass Date: 11/03/2013 Exploit Author: Michael Grifalconi Vendor Homepage: http://www.zyxel.com/productsservices/p660hntxaseries.shtml?t=p Version: 3.40BYF.5 - Last avaiable If someone is logged on the web interface of the router, the attacker coul...

http-title NSE Script

Shows the title of the default page of a web server. The script will follow up to 5 HTTP redirects, using the default rules in the http library. Script Arguments http-title.url The url to fetch. Default: / slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size,...

CVE-2009-2163

Cross-site scripting XSS vulnerability in login/default.aspx in Sitecore CMS before 6.0.2 Update-1 090507 allows remote attackers to inject arbitrary web script or HTML via the scerror parameter...

Play a game of webshell game-bug warning-the black bar safety net

To hack the x-Files cast a draft, two months, and haven't selected, and now it sends to the Just look at it, the article is bad, Don't laugh,the picture is zoom out, tap the picture you can see the big picture. Play a game of webshell game The desert（baiker2008 Now many of the side dishes, speaki...

ASP Download 1.03 - Arbitrary Change Administrator Account

\ ASPDownload v 1.03 Remote Admin Bypass Exploit / \ / / + Author : Underz0ne Crew + Script : ASPDownload v 1.03 + Risk : High + Script URL : http://www.toddwoolums.com/aspdownload.asp + Dork : Powered by AspDownload --//-- Exploit Area : + Description : The problem is that the script's owner...

VGMForbinSQL.txt

Www.H4ckerz.coM --- Www.Hackerz.iR Vendor : VGM Forbin Target Page : resource/products/adm/login.asp Action : Turn back too default.asp Exploit : Username : admin'-' Password : 'x' or '1'-- H4ckerZ Researching Team Greetz : Hessam-X , Ro0X , and other iranian hackerZ ;- !!!!!!!!!!!!!!!!!!!!!!!!...

CVE-2005-4747

Cross-site scripting XSS vulnerability in WebHost Automation Ltd Helm before 3.2.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page...

Web Server Unconfigured - Default Install Page Present

The remote web server uses its default welcome page. Therefore, it's probable that this server is not used at all or is serving content that is meant to be hidden. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11422; scriptversion"1.45"; scriptcvsdate"Date: 2018/08/...