CVE-2021-32797

CVE-2021-32797 (JupyterLab) is a remote code execution vulnerability where untrusted notebooks can run code on load due to lack of sanitization of the HTML form action attribute. Exploitation requires the user to open a specially crafted notebook, i.e., user action is required. Public sources in ...

PHPJabbers Property Listing Script 2.0 - Cross-Site Request Forgery (Add Admin)

Property Listing Script V2.0 - Add Admin CSRF Vulnerability ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.phpjabbers.com/property-listing-script/ === Exploit ===...

MiniNuke 1.8.2 - Multiple SQL Injections

Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: MiniNuke www.miniex.net Version: 1.8.2 and prior versions must be affected. About:Via this method remote attacker can inject SQL query to the news.asp --- How&Example: GET -...

CVE-2001-1242

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. dot dot in an HTML form...