CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

EUVD-2015-2911

Malware in sbrugna...

EUVD-2020-16100

Malware in sbrugna...

CVE-2024-4765

Web application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application's manifest. This could have been exploited to run arbitrary code in another application's context. This issue only affects Firefox for Android. Other versions of...

CVE-2025-1868

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

ATutor LMS 2.2.4 Weak Password Reset Hash

Exploit Title: ATutor LMS 2.2.4 - Weak Password Reset Hash Date: 2020-05-05 Exploit Author: Hodorsec Version: 2.2.4 Software Link: https://atutor.github.io/atutor/downloads.html Vendor Homepage: https://atutor.github.io Tested on: Debian 10 x64 - PHP 7.3.15-3 Problem: While the original intention...

Mooseguy Blog System 1.0 (blog.php month) SQL Injection Vulnerability

No description provided by source. MGBS 1.0 Remote SQL injection Script url http://sourceforge.net/project/showfiles.php?groupid=193233 Vulnerable code in blog.php ?php $month = $GET'month'; $result = mysqlquery"SELECT FROM blog WHERE posted='$month' ORDER BY id DESC" or die"HELP QUERY BROKEN";...

mgbs-sql.txt

MGBS 1.0 Remote SQL injection Script url http://sourceforge.net/project/showfiles.php?groupid=193233 Vulnerable code in blog.php ?php $month = $GET'month'; $result = mysqlquery"SELECT FROM blog WHERE posted='$month' ORDER BY id DESC" or die"HELP QUERY BROKEN"; ... Admin hash exploit...

Mooseguy Blog System 1.0 - month SQL Injection

Mooseguy Blog System 1.0 - month SQL Injection MGBS 1.0 Remote SQL injection Script url http://sourceforge.net/project/showfiles.php?groupid=193233 Vulnerable code in blog.php ?php $month = $GET'month'; $result = mysqlquery"SELECT FROM blog WHERE posted='$month' ORDER BY id DESC" or die"HELP QUER...

Mooseguy Blog System 1.0 (blog.php month) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Mooseguy Blog System 1.0 blog.php month SQL Injection Vulnerability ===================================================================== MGBS 1.0 Remote SQL injection...

My Little Forum 1.5 / 1.6beta SQL Injection

My Little Forum 1.5 / 1.6beta SQL Injection software: site: http://www.mylittlehomepage.net/mylittleforum software: "A simple web-forum that supports classical thread view message tree as well as messagebord view to display the messages. Requires PHP 4.1 and a MySQL database." 1 look at the...