16 matches found
CVE-2025-6618
creationtimestamp| type| source ---|---|--- 2025-06-25 18:06:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19491 2025-06-30 20:26:59+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114774193882630947...
Directory Traversal Vulnerability in Changjitong T+ of Changjitong Information Technology Co.
T+ is a dynamic, intelligent and fashionable Internet management software, mainly for small and medium-sized industrial, trade and commerce enterprises with integrated financial and business applications, incorporating elements of socialization, mobility, Internet of Things, e-commerce and Intern...
Code Execution Vulnerability in CMS Content Management System of Chengdu JINWEI TECHNOLOGY Co.
Chengdu today network technology limited company scope of business: computer hardware and software development; computer hardware and software technology services, computer information technology consulting services; computer network engineering construction, etc.. Code execution vulnerability...
SQL Injection Vulnerability in Jiangsu Lianbang Information Technology Co.
Jiangsu Lianbang Information Technology Co., Ltd. is a high-tech enterprise integrating Internet and mobile Internet system research and development, smart city, traditional e-commerce transformation and digital media development. Jiangsu Lianbang Information Technology Co., Ltd. station building...
Feds: Cyberattack on NASA's JPL Threatened Mission-Control Data
NASA’s Jet Propulsion Laboratory JPL may know how to send delicate equipment to Mars, but basic cybersecurity best practices appear to pose an issue for it. A comprehensive federal review has detailed an April 2018 security incident that compromised mission systems – stemming from multiple IT...
Plogger Photo Gallery SQL Injection
Exploit Title: Plogger Photo Gallery Script SQL Injection Vulnerability Date: 2012 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr Issue: SQL Injection Risk level: High The remote attacker has the possibility to execute arbitrary SQ...
SocialCMS Cross Site Scripting / SQL Injection
Exploit Title: SocialCMS SQL Injection and XSS Vulnerability Date: 2012 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the POST method. Vulnerable Page: ajax/commentajax.php SQL Injecti...
P-Chat 0.9 Cross Site Scripting
Exploit Title: P-Chat v0.9 XSS Vulnerability Date: 2012 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE Cross Site Scripting can be done using the command input Vulnerable Page: index.php XSS Example: "/ XSS Code POC:...
Ajax Script Cross Site Scripting / SQL Injection
Exploit Title: Ajax Script SQL Injection and XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the POST method. Tamper data is available. Vulnerable Page:...
Social Book Facebook Clone Script Cross Site Scripting
Exploit Title: Social Book Facebook Clone Script Reflected XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE XSS can be done using the command input Vulnerable Page: signup.php lostpass.php login.php...
Innovate Portal Cross Site Scripting
Exploit Title: Innovate Portal XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE XSS can be done using the command input Vulnerable Page: index.php Example:...
Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET)
Department of Homeland Security Releases Cyber Security Evaluation Tool CSET The Cyber Security Evaluation Tool CSET is a Department of Homeland Security DHS product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National...
Kolifa News System Cross Site Scripting / SQL Injection
Exploit Title: Kolifa News System SQL Injection - Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the command input Vulnerable Page: arama.php iletisim.php...
Myisoft EasyGallery Cross Site Scripting / SQL Injection
Exploit Title: MYISOFT EasyGallery SQL Injection - Blind SQL Injection - Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection, Blind SQL Injection and XSS can be done using the command input...
Gentle Tell A Friend Script Cross Site Scripting
Exploit Title: Gentle Tell A Friend Script Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE Cross Site Scripting can be done using the command input Vulnerable Field: First Name Field, Last Name Field,...
New Certifications Will Set High Bar for IT Security Pros
A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation. The National Board of Information Security Examiners NBISE i...