
36 matches found

RedhatCVE
added 2026/06/05 7:20 p.m. · 8 views

CVE-2026-41859

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials (Basic auth header or UAA client secret) and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8 CVSS · 5.5 AI score · 0.00098 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2026/02/18 12:0 a.m. · 4 views

PT-2026-20462

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...

5.6 AI score · 0.0045 EPSS
Exploits: 1 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2019-19165

Malware in sbrugna...

7.4 CVSS · 8.3 AI score · 0.00561 EPSS
Exploits: 0 · References: 8

Tenable Nessus
added 2025/08/12 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-9803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be...

7.4 CVSS · 8 AI score · 0.00561 EPSS
Exploits: 0 · References: 2

CNNVD
added 2024/06/07 12:0 a.m. · 4 views

SkyScraper Security Vulnerability

SkyScraper is an AWS infrastructure and management resources and costs GUI dashboard from Open Source Labs. SkyScraper has a security vulnerability that stems from allowing the use of insecure HTTP requests...

7.5 CVSS · 6.9 AI score · 0.00168 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2023/05/15 12:0 a.m. · 5 views

PT-2023-18343 · WordPress · Woocommerce Order Status Change Notifier

Name of the Vulnerable Software and Affected Versions: WooCommerce Order Status Change Notifier WordPress plugin version 1.1.0 and earlier Description: The issue is related to a lack of authorization and CSRF protection when updating order status via an AJAX action, which is available to any...

6.5 CVSS · 9.4 AI score · 0.00337 EPSS
Exploits: 2 · References: 7

SUSE CVE
added 2023/02/15 4:14 a.m. · 2 views

SUSE CVE-2019-9803

The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some...

7.4 CVSS · 8.3 AI score · 0.00561 EPSS
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 4:7 a.m. · 4 views

SUSE CVE-2019-17002

If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox 70...

4.3 CVSS · 8.4 AI score · 0.00734 EPSS
Exploits: 1 · References: 3

0day.today
added 2022/04/06 12:0 a.m. · 214 views

Multi Store Inventory Management System 1.0 Account Takeover Vulnerability

Exploit Title: Multi Store Inventory Management System - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.bdtask.com/ Software Link: https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/ Version: 1.0 Tested...

0.4 AI score
Exploits: 0

Packet Storm
added 2022/04/05 12:0 a.m. · 266 views

Online Banquet Booking System 1.0 Cross Site Request Forgery

Exploit Title: Online Banquet Booking System - 'change admin credentials' Cross-Site Request Forgery (CSRF) Date: 04/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/online-banquet-booking-system-using-php-and-mysql/ Version: 1.0...

7.4 AI score
Exploits: 0

Packet Storm
added 2021/12/10 12:0 a.m. · 356 views

Free School Management Software 1.0 Cross Site Scripting

Exploit Title: Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting (XSS) Exploit Author: fuzzyap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...

Exploits: 0

Packet Storm
added 2021/05/06 12:0 a.m. · 287 views

Schlix CMS 2.2.6-6 Cross Site Scripting

Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting Authenticated Date: 2021-05-05 Exploit Author: Emircan Baş Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows &...

7.4 AI score
Exploits: 0

0day.today
added 2021/03/09 12:0 a.m. · 97 views

Froala 3.2.6-1 Cross Site Scripting Vulnerability

Exploit Title: Stored XSS and Html Code Injection Editor Froala Version 3.2.6-1 Author: Vincent666 ibn Winnie Software Link: https://froala.com/wysiwyg-editor/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel: https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ PoC: In t...

7.4 AI score
Exploits: 0

Packet Storm
added 2020/12/15 12:0 a.m. · 302 views

Gitlab 11.4.7 Remote Code Execution

Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...

7.4 AI score
Exploits: 0

Exploit DB
added 2020/12/14 12:0 a.m. · 334 views

Seacms 11.1 - 'file' Local File Inclusion

Exploit Title: Seacms 11.1 - 'file' Local File Inclusion Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 GET /SEACMS111/5f9js3/adminsafe.php?action=download&file=C:/windows/system.ini HTTP/1.1 Host: 192.168.137.139...

7.4 AI score
Exploits: 0

Exploit DB
added 2020/11/27 12:0 a.m. · 905 views

Moodle 3.8 - Unrestricted File Upload

Exploit Title: Moodle 3.8 - Unrestricted File Upload Date: 2019-09-08 Exploit Author: Sirwan Veisi Vendor Homepage: https://moodle.org/ Software Link: https://github.com/moodle/moodle Version: Moodle Versions 3.8, 3.7, 3.6, 3.5, 3.4... Tested on: Moodle Version 3.8 CWE : CWE-434 I found an...

7.4 AI score
Exploits: 0

Packet Storm
added 2020/08/28 12:0 a.m. · 373 views

TP-Link WDR4300 Remote Code Execution

#!/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using CVE-2017-13772. Tested on Firmware versions 3.13.33, Build 130618 and 3.14.3 Build 150518, hardware WDR4300 v1 Usage: 1...

9 CVSS · 8.8 AI score · 0.52559 EPSS
Exploits: 8

Exploit DB
added 2020/06/22 12:0 a.m. · 420 views

WebPort 1.19.1 - Reflected Cross-Site Scripting

Exploit Title: WebPort 1.19.1 - Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version: v1.19.1 Tested on: Windows/Linux CVE-2019-12461...

6.1 CVSS · 6.3 AI score · 0.09916 EPSS
Exploits: 5

RedhatCVE
added 2020/06/19 4:56 p.m. · 37 views

CVE-2020-8184

A flaw was found in rubygem-rack. An attacker may be able to trick a vulnerable application into processing an insecure non-SSL or cross-origin request if they can gain the ability to write arbitrary cookies that are sent to the application. The highest threat from this vulnerability is to data...

5 CVSS · 2 AI score · 0.02938 EPSS
Exploits: 1 · References: 4

Packet Storm
added 2020/05/09 12:0 a.m. · 109 views

Kartris 1.6 Arbitrary File Upload

Exploit Title: Kartris 1.6 - Arbitrary File Upload Dork: N/A Date: 2020-05-08 Exploit Author: Nhat Ha - Sun CSR Vendor Homepage: https://www.cactusoft.com/ Software Link: https://www.kartris.com/ Version: 1.6 Category: Webapps Tested on: WiN10x64/KaLiLinuXx64 CVE: N/A POC:...

0.2 AI score
Exploits: 0