Indio Networks Unibox SMB 跨站请求伪造漏洞

Indio Networks Unibox SMB and others are a wireless Wi-Fi from Indio Networks India. A cross-site request forgery vulnerability exists in Unibox SMB version 2.4 and UniBox Enterprise Series version 2.4 and UniBox Campus Series version 2.4, which stems from a cross-site request forgery CSRF...

iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation

iDS6 DSSPro Digital Signage System 6.2 Improper Access Control Privilege Escalation Vendor: Guangzhou Yeroo Tech Co., Ltd. Product web page: http://www.yerootech.com Affected version: V6.2 B2014.12.12.1220 V5.6 B2017.07.12.1757 V4.3 Summary: iDS6 Software's DSSPro network digital signage manageme...

Serpico Cross-Site Scripting Vulnerability (CNVD-2020-03856)

Serpico is a penetration test report generation and collaboration tool. A cross-site scripting vulnerability exists in Serpico version 1.3.0 in admin/listuser, which stems from the lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...

ASUS SmartHome Access Control Error Vulnerability

ASUS SmartHome is a smart home control and management application from Asus Taiwan, China. A security vulnerability exists in ASUS SmartHome 3.0.42190515 and later Android and 2.0.22 and earlier iOS. The vulnerability can be exploited by an attacker with the http://target/smarthome/devicecontrol...

CVE-2018-18449

EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339...

CVE-2018-1002008

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...

K-Shell by kikicoco VHS version 1.2 edition (.aspx)

Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. last update: 06.05.2013 21:20 Что может: Wso-style Server IP Client IP HostName Username OS Version IIS Version System Dir...

OpenJDK allows to list files within the user home directory (6484091)

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors...

sharecms-sql.txt

============================================================== ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...