GHSA-HF2R-9GF9-RWCH Convict has prototype pollution via load(), loadFile(), and schema initialization

Impact Two unguarded prototype pollution paths exist, not covered by previous fixes: 1. config.load / config.loadFile — overlay recursively merges config data without checking for forbidden keys. Input containing proto or constructor.prototype e.g. from a JSON file causes the recursion to reach...

Senayan Library Management System 9.2.2 SQL Injection

Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 Multiple SQLi-Not sanitizing correctly cookie session. Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...

Air Cargo Management System v1.0 - SQLi

Title: Air Cargo Management System v1.0 - SQLi Author: nu11secur1ty Date: 02.18.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html Reference:...

Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ Gaming Directory 1.0 catid Remote SQL Injection Vulnerability ================================================================...

Gaming Directory 1.0 - 'cat_id' SQL Injection

--==+================================================================================+==-- --==+ Gaming Directory 1.0 SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 5 April 2008...

fapersianhack-sql.txt

FaScript FaPersianHack v1 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://fascript.com/fapersianhack.zip Injection Adress : http://Sitename/ph/show.php?id= Help : In This Script Admin Username and Password Save in ./admin/pconfig.php You can open this file with...