Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 Test application This repository contains a si...

Apache Struts 2 Demo Application Detected

The scanner has detected a publicly accessible Apache Struts 2 default demo application. Known and unknown vulnerabilities could be more easily exploited via this kind of application. No source data...

CVE-2017-18107

Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery CSRF vulnerability. Please be aware that the Demo application is not enabled by default...

CVE-2017-18107

Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery CSRF vulnerability. Please be aware that the Demo application is not enabled by default...

Drive By RCE Exploit in Pimcore 6.2.0

We have scanned Pimcore 6.2.0 and identified multiple critical vulnerabilities including a command injection vulnerability and SQL injection vulnerability which both can be exploited into a full remote code execution. Both vulnerabilities were fixed in Pimcore 6.2.1. The truncated analysis result...

PHPKit 1.6.6: Code Execution for Privileged Users

RIPS Analysis Within only 24 seconds, the analysis with RIPS completed and uncovered critical security vulnerabilities, mainly in the administration section of the application. As we demonstrated in multiple previous calendar posts, these vulnerabilities can be chained with other vulnerabilities...

Cross site scripting

Cross-site scripting XSS vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092...

Code Widget Web based alpha tabbed address book (ASP) SQL injection

Exploit for asp platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Code Widgets Web-based Alpha Tabbed Address Book SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 inj3ct0r 1337 Day Team 1 0 0...

CVE-2008-5842

Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...