96 matches found
htb-soft.com Cross Site Scripting vulnerability OBB-2473938
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
UVI-2021-1000802 sch_htb: fix refcount leak in htb_parent_to_leaf_offload
schhtb: fix refcount leak in htbparenttoleafoffload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...
PT-2024-11177 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak issue has been identified in the Linux kernel, specifically in the htb parent to leaf offload function. The commit ae81feb7338c, which aimed to fix a NULL pointer...
Autoenum - Automatic Service Enumeration Script
Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments i.e. HTB, VulnHub, OSCP and draws a bit from a number of existing tools including AutoRecon https://github.com/Tib3rius/AutoRecon, Auto-Rec...
Docker for Pentest - Image With The More Used Tools To Create A Pentest Environment Easily And Quickly
Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed. Connection to HTB Hack the Box vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzd...
pfSense 2.2 Cross Site Request Forgery / Cross Site Scripting
Advisory ID: HTB23251 Product: pfSense Vendor: Electric Sheep Fencing LLC Vulnerable Versions: 2.2 and probably prior Tested Version: 2.2 Advisory Publication: March 4, 2015 without technical details Vendor Notification: March 4, 2015 Vendor Patch: March 5, 2015 Public Disclosure: March 25, 2015...
MyWebSQL 3.4 Cross Site Scripting Vulnerability
MyWebSQL version 3.4 suffers from a cross site scripting vulnerability. Product: MyWebSQL Vendor: http://mywebsql.net/ Vulnerable Versions: 3.4 and probably prior Tested Version: 3.4 Advisory Publication: June 25, 2014 without technical details Vendor Notification: June 25, 2014 Public Disclosure...
T-HTB Manager 0.5 - Multiple Blind SQL Injection Vulnerabilities
No description provided by source. Salvatore drosophila Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by:...
Multiple vulnerabilities in web@all
Advisory ID: HTB23094 Product: web@all Vendor: webatall.org Vulnerable Versions: 2.0 downloaded before 30th of May 2012; prior versions may also be vulnerable Tested Version: 2.0 downloaded on 25th of May 2012 Vendor Notification: 30 May 2012 Vendor Patch: 30 May 2012 Public Disclosure: 20 June...
Sql injection
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in a deletecategory action, 2 the name parameter in an updatecategory action, and other vectors...
CVE-2009-3494
The CVE describes SQL injection vulnerabilities in the web application component index.php of T-HTB Manager 0.5. The root cause is improper handling of inputs when magic_quotes_gpc is disabled, enabling remote attackers to inject arbitrary SQL commands through parameters such as id (in delete_cat...
T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities
No description provided by source. Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by:...
T-HTB Manager Mutiple Blind SQL Injection
Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by: Salvatore Fresta aka drosophila +...
T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ============================================================== T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities ============================================================== Salvatore "drosophila" Fresta + Application: T-HTB...
T-HTB Manager 0.5 - Multiple Blind SQL Injections
T-HTB Manager 0.5 - Multiple Blind SQL Injections Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 +...
T-HTB Manager 0.5 Blind SQL Injection
Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by: Salvatore Fresta aka drosophila +...