61 matches found
PT-2026-49342
Summary The "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of the flow is allowed. The execution request can contain a list of files that gets read b...
AMI Security Advisory AMI-SA-2025003 (CVE-2024-54084,CVE-2024-54085)
Brocade is aware of AMI Security Advisory AMI-SA202503 disclosing CVE-2024-54084, CVE-2024-54085. CVE-2024-54084 APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may...
Clothing Store Management System 1.0 SQL Injection
Clothing Store Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Titles: Clothing Store Management System-1.0 SQLi Bypass Authentication Author: nu11secur1ty Date: 04/22/2025 Vendor: https://github.com/oretnom23 Software:...
Invoice 1.0 SQL Injection / Shell Upload
Invoice version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass which in turn could be used to upload a shell. Titles: INVOICE-1.0-Copyright©2025-SQLi-Bypass-Authentication+FU+RCE Author: nu11secur1ty Date: 04/07/2025 Vendor: https://github.com/oretnom2...
Advisory ROSA-SA-2025-2732
Software: pam 1.3.1 OS: ROSA Virtualization 3.0 packageevrstring: pam-1.3.1-36.0.1.rv30 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...
NEXT-EMP 1.0 Shell Upload
NEXT-EMP version 1.0 suffers from a remote shell upload vulnerability. Titles: NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Date: 01/29/2025 Vendor: https://www.mayurik.com/ Software:...
Banking 1.0 SQL Injection Vulnerability
Banking version 1.0 suffers from a remote SQL injection vulnerability. Titles: banking-1.0-Copyright©2025-Multiple-SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Reference:...
Copyright Loan Management System 2024 1.0 SQL Injection
Title: Copyright © Loan Management System 2024-1.0 Multiple-SQLi Author: nu11secur1ty Date: 01/12/2024 Vendor: https://twitter.com/razormist Software: https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html Reference:...
Penglead 2.0 SQL Injection
Title: penglead-2.0 SQLi-Bypass Authentication Author: nu11secur1ty Date: 11/10/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P2760/lead-management-system-in-php-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The id...
PHP Shopping Cart 4.2 SQL Injection Vulnerability
Title: PHP Shopping Cart-4.2 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software:https://www.phpjabbers.com/php-shopping-cart-script/sectionPricing Reference: https://portswigger.net/web-security/sql-injection Description: The id parameter appears to be vulnerable to S...
Cinema Booking System 1.0 Cross Site Scripting
Title: Cinema Booking System-1.0 XSS-Reflected Author: nu11secur1ty Date: 09/05/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/car-rental-script/ Reference: https://portswigger.net/web-security/sql-injection Description: The name of an arbitrarily supplied URL...
Webigniter 28.7.23 Shell Upload Vulnerability
Title: WEBIGniter-28.7.23 File Upload - RCE Author: nu11secur1ty Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload vulnerability. The attacker can upload and he...
Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium
Vulnerability analysis results in Orange Cyberdefense's Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning. Age of VOC findings: Our Vulnerability Scans are performed on a recurring basis, which provides us the opportuni...
Advisory ROSA-SA-2021-1808
Software: binutils 2.27 OS: Cobalt 7.9 CVE-ID: CVE-2017-12448 CVE-Crit: HIGH CVE-DESC: The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library, also known as libbfd, distributed in GNU Binutils 2.29 and earlier allows remote attackers to cause a heap use-after-free...
Bs Auction Script SQL Injection Vulnerability
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : Bs Auction Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL : http://www.brotherscripts.com/...
IXXO Cart for Joomla SQLi Vulnerability
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : IXXO Cart for Joomla SQLi Vulnerability Date : july 9,2010 Critical Level : HIGH vendor URL : http://www.php-shop-system.com/...
Joomla MyHome Component (com_myhome) Blind SQL Injection Vulnerability
No description provided by source. Name : Joomla com_myhome BSQLi Vulnerability Date : july 10,2010 Critical Level : HIGH vendor URL : http://www.unisoft.me/ Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...
Omnistar Mailer Multiple Vulnerabilities
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : Omnistar Mailer SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.omnistarmailer.com/ Autho...
Joomla NinjaMonials Component (com_ninjamonials) Blind SQL Injection Vulnerability
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : Joomla com_ninjamonials BSqli Vulnerability Date : july 4,2010 Critical Level : HIGH vendor URL : http://ninjaforge.com/ Author :...
Omnistar Mailer - Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities. I'm Sid3^effects member from Inj3ct0r Team. Name : Omnistar Mailer SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.omnistarmailer.co...