10 matches found
CVE-2021-38147
Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/DomainCredentialReportExcel,...
Wipro Holmes Orchestrator Access Control Error Vulnerability
Wipro Holmes Orchestrator, a one-stop application artificial intelligence Ai and automation platform orchestrator from Wipro India, is vulnerable to an access control error in Wipro Holmes Orchestrator version 20.4.1, which could be exploited by an unauthenticated attacker to download previously...
Wipro Holmes Orchestrator 访问控制错误漏洞
Wipro Holmes Orchestrator, a one-stop application artificial intelligence Ai and automation platform orchestrator from Wipro India, is vulnerable to an access control error in Wipro Holmes Orchestrator version 20.4.1, which could be exploited by an unauthenticated attacker to download previously...
Shuup 注入漏洞
Shuup is an open source e-commerce platform based on Django and Python from Shuup, Inc. Shuup suffers from an injection vulnerability that stems from a formula injection vulnerability affecting Shuup applications in versions 0.4.2 through 2.10.8. A customer can inject a payload into the name inpu...
NEX Forms < 7.8.8 - Authentication Bypass for Excel Reports
The plugin was vulnerable to Authentication Bypass for Excel Reports allowing unauthenticated attackers to download Excel reports. http://www.example.com/wp-admin/admin.php?page=nex-forms-dashboard&exportcsv=true...
NEX Forms < 7.8.8 - Authentication Bypass for Excel Reports
The plugin was vulnerable to Authentication Bypass for Excel Reports allowing unauthenticated attackers to download Excel reports. PoC http://www.example.com/wp-admin/admin.php?page=nex-forms-dashboardcsv=true...
WordPress 授权问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress plugin Basix NEX-Forms 7.8.7 and earlie...
WordPress CP Polls 1.0.8 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: WordPress CP Polls 1.0.8 - CSRF - Update poll settings & Persistent XSS Date: 2016-02-22 Google Dork: Index of /wp-content/plugins/cp-polls/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Plugin URI: http://wordpress.dwbooster.com/forms/cp-polls Version: 1.0.8...
WordPress CP Polls 1.0.8 Plugin - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: WordPress CP Polls 1.0.8 - CSRF - Update poll settings & Persistent XSS Date: 2016-02-22 Google Dork: Index of /wp-content/plugins/cp-polls/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Plugin URI:...
[Autopsy] Digital Investigation Analysis
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...