16603 matches found
Denial Of Service (DoS)
froxlor/froxlor is vulnerable to Denial Of Service DoS. The vulnerability exists because of a lack of HTTP request validation in the rate-limiting functionality during a password reset, which allows an attacker to crash the application...
Privilege Escalation
org.apache.inlong is vulnerable to Privilege Escalation. The vulnerability exists because the library does not properly remove the permission when deleting a user, allowing an attacker with a valid but unprivileged account to send malicious login requests and follow it with a subsequent HTTP...
CVE-2023-33278
In the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...
CVE-2023-33280
In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...
Node.js: HTTP Request Smuggling via Empty headers separated by CR
HTTP Request Smuggling HRS was possible in Node.js v20.2.0 due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. The CR character without LF was sufficient to delimit HTTP header fields in the llhttp parser, which is not compliant with RFC7230...
CVE-2023-33278
In the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...
CVE-2023-33279
In the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...
PrestaShop SQL注入漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop 3.6.1 and prior versions, which stems from a sensitive SQL cal...
Amazon Linux 2022 : golang, golang-bin, golang-misc (ALAS2022-2022-128)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-128 advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating chunked encoding. This issue could allow request smuggling, but only if combined with an...
Important: Red Hat Security Advisory: httpd24-httpd security update
An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
httpd: HTTP request splitting with mod_rewrite and mod_proxy
A vulnerability was found in httpd. This security issue occurs when some modproxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern...
LeadPro CRM 1.0 SQL Injection
Exploit Title: LeadPro CRM v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/leadifly-lead-call-center-crm/43485578 Demo Site: https://demo.leadifly.in Tested on: Kali Linux CVE: N/A Request GET...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a malicious actor to read arbitrary files.
The vulnerability in the web interface for managing Cisco Identity Services Engine ISE platforms relates to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor to read arbitrary files using a specially created HTTP request...
SitemagicCMS 4.4.3 Shell Upload
Exploit Title: SitemagicCMS 4.4.3 Remote Code Execution RCE Application: SitemagicCMS Version: 4.4.3 Bugs: RCE Technology: PHP Vendor URL: https://sitemagic.org/Download.html Software Link: https://github.com/Jemt/SitemagicCMS Date of found: 14-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...
PaperCut NG/MG 22.0.4 Remote Code Execution
Exploit Title: PaperCut NG/MG 22.0.4 - Remote Code Execution RCE Date: 13 May 2023 Exploit Author: Mohin Paramasivam Shad0wQu35t and MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests import argparse Grouppayload =...
Smart School v1.0 - SQL Injection
Exploit Title: Smart School v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 Demo Site: https://demo.smart-school.in Tested on: Kali Linux CVE: N/A Request POST /course/filterRecords/ HTTP/1....
CVE-2023-31062
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...
CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...
Exploit for HTTP Request Smuggling in Apache Http_Server
CVE 2023 25690 - Proof of Concept Published: 7 March 2023...
MGASA-2023-0175 Updated apache-mod_security packages fix security vulnerability
HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall CVE-2022-48279 Incorrect handling of '\0' bytes in file uploads in ModSecurity may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules...