24 matches found
Complete Online Job Search System 1.0 - SQL Injection
Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=category&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...
CVE-2024-42343 Loway - CWE-204: Observable Response Discrepancy
Loway - CWE-204: Observable Response Discrepancy...
Memory Search
This module allows for searching the memory space of running processes for potentially sensitive data such as passwords. Module Options msf use post/multi/gather/memorysearch msf postmemorysearch show actions ...actions... msf postmemorysearch set ACTION msf postmemorysearch show options ...show...
Unchecked return value of low-level call()/delegatecall()
Lines of code 120, 141, 411, 184, 160, 189, 152, 444, 625, 638 https://github.com/Tapioca-DAO/tapioca-bar-audit/blob/2286f80f928f41c8bc189d0657d74ba83286c668/contract...
BytesUtils.substring accepts out of bound offset input
Lines of code Vulnerability details Impact The BytesUtils.substring function accepts out of bound offset value and returns a valid response without reverting. `function substring(bytes memory self, uint256 offset, uint256 len) internal pure returns (bytes memory) { require(offset + len <= self.length);`...
Covenant 0.5 Remote Code Execution
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...
RETURNS EMPTY UINT256 configs MEMORY ARRAY SINCE THE UPDATED MEMORY ARRAY IS NOT RETURNED
Lines of code Vulnerability details Impact buildConfigs function inside the Drips.sol is required to build a preprocessed list of drips configurations from receivers. Thus in its function implementation it initialized the uint256 memory configs array and send it as an argument to the addConfig...
Use After Free in function bt_quickfix
Description Use After Free in function at buffer.c:5715 . vim version git log commit 3f0092c141824356b55b11cd3985baaf4df65334 grafted, HEAD - master, tag: v9.0.0777, origin/master, origin/HEAD Proof of Concept ./vim -u NONE -i NONE -n -m -X -Z -e -s -S poc13huaf.dat -c :qa!...
CVE-2020-25459
An issue was discovered in function synctree in heterodecisiontreeguest.py in WeBank FATE Federated AI Technology Enabler 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling...
check for deposit token and reward token are not same
Handle hack3r-0m Vulnerability details Impact createStream does not check if deposit token and reward token are different addresses. Proof of Concept Not Required Tools Used Manual Review Recommended Mitigation Steps add check `require(rewardToken != depositToken)`
Moodle SpellChecker Path Authenticated Remote Command Execution
Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This module was tested against Moodle version...
Information Disclosure
ansible is vulnerable to information disclosure. The return value of a specific module through basic.py is not being masked by default while using the fallback sub-option. The return value may contain confidential information such as a secret or user credentials...
CVE-2020-23811
xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java...
Hvazard - Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists!
Remove short passwords & duplicates, change lowercase to uppercase & reverse, combine wordlists! Manual & explanation -d --dict Specifies the file you want to modify. This is the only parameter / argument that is not optional. -o --out The output filename optional. Default is out.txt. -s --short...
RUSTSEC-2018-0022 Use of uninitialized memory in temporary
Uninit memory is used as a RNG seed in temporary The following function is used as a way to get entropy from the system, which does operations on and exposes uninit memory, which is UB. rust fn randomseed: &Path, : &str - u64; 2 use std::mem::uninitialized as rand; unsafe rand:: ^ 0x12345678,...
chakra: Crash in Js::PathTypeHandlerBase::AddPropertyInternal
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6042404720214016 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x5617b9e05560 Crash State:...
Joomla! Component Appointment 1.1 - SQL Injection
Joomla! Component Appointment 1.1 - SQL Injection Exploit Title: Joomla! Component Appointment v1.1 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage: https://www.joomlaextensions.co.in/ Software Link: https://extensions.joomla.org/extensions/extension/appointment/ Demo:...
Internet Bug Bounty: heap-buffer-overflow (WRITE of size 8) in Perl_pp_reverse()
Reported to the Perl security mailing list on 11 June 2017. Fix pushed to git on 13 June 2017. No advisory. ==376==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000009a80 at pc 0xd1b9c4 bp 0x7ffd21892230 sp 0x7ffd21892228 WRITE of size 8 at 0x619000009a80 thread T0 0 0xd1b9c3 in...
phpscripte24 Preisschlacht Liveshop System SQL Injection (seite&aid) index.php
No description provided by source. ----------------------------Information------------------------------------------------ +Name : phpscripte24 Preisschlacht Liveshop System SQL Injection seite&aid index.php +Autor : Easy Laster +Date : 19.03.2010 +Script : phpscripte24 Preisschlacht Liveshop...
Dan Geer, Richard Thieme on specialization in security
Two elders of information security came to Source Boston 2013 Wednesday morning to encourage the next generation to grab the torch from them and to urge great caution in diving too deeply into specialization. Heavy thinkers Dan Geer and Richard Thieme said that the industry is closing in on an en...