Multix 2.4 Cross Site Request Forgery Vulnerability
Exploit Title: Multix - Multipurpose Website CMS with Codeigniter Cross Site Request Forgery Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/multix-multipurpose-website-cms-with-codeigniter/23537596 Version: Version 2.4 Tested on Ubuntu...
Scanvus - my open source Vulnerability Scanner for Linux hosts and Docker images
Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...
CVE-2022-29063
The Solr plugin of Apache OFBiz is configured by default to automatically make an RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...
PT-2022-19398 · Apache · Apache Ofbiz
Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions prior to 18.12.06 Description: The Solr plugin of Apache OFBiz is configured to automatically make an RMI request on localhost, port 1099 by default. In affected versions, an attacker may exploit this behavior by hosting ...
Apache OFBiz Code Issue Vulnerability
Apache OFBiz is an enterprise resource planning ERP system from the Apache Foundation. A code issue vulnerability exists in Apache OFBiz Solr plugin 18.12.05 and earlier, which stems from the default configuration of automatically issuing RMI requests on port 1099 on localhost, which can be...
Apache OFBiz Code Issue Vulnerability (CNVD-2023-03920)
Apache OFBiz is an enterprise resource planning ERP system from the Apache Foundation. A code issue vulnerability exists in Apache OFBiz Solr plugin 18.12.05 and earlier, which stems from the default configuration of automatically issuing RMI requests on port 1099 on localhost, which can be...
[SECURITY] Fedora 36 Update: popub-0-0.14.20171007git6ffa11c.fc36
Publish a service from localhost onto your server...
UnAuthenticated SQL Injection
Proof of Concept POC: Vendor Domain Print version: https://yeswiki.net/?AccueiL/rss&id=1%27+and+extractvalue0x0a,concat0x0a,select+version--+- Print Database: https://yeswiki.net/?AccueiL/rss&id=1%27+and+extractvalue0x0a,concat0x0a,select+database--+- Print User:...
[SECURITY] Fedora 35 Update: popub-0-0.13.20171007git6ffa11c.fc35
Publish a service from localhost onto your server...
Fortinet FortiNAC Security Vulnerability
Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fortinet. The product is primarily used for network access control and IoT security. A security vulnerability exists in Fortinet FortiNAC, which originates from a root account that accesses the MySQL databas...
CVE-2022-23071
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the "Import Recipe" functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information...
Server side request forgery (ssrf)
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the "Import Recipe" functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information...
Recipes Code Issue Vulnerability
Recipes is an application for managing recipes, planning meals, creating shopping lists, and more! A code issue vulnerability exists in Recipes versions 0.9.1 through 1.2.5 that stems from the Import Recipe feature being vulnerable to a server request forgery attack. When an attacker enters a...
CVE-2022-32155
In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In 9.0, the...
SQL Injection
helloxz/imgurl is vulnerable to SQL Injection attacks. An attacker is able to send malicious script through the query parameter in construct to execute SQL queries on the target system via /upload/localhost...
CVE-2022-29305
imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost...
CVE-2022-29305
CVE-2022-29305 concerns imgurl v2.31, which has a Blind SQL injection vulnerability located at /upload/localhost. Multiple connected sources describe the issue as an SQL injection stemming from unsanitized input in the upload handling (e.g., Veracode notes exploitation via the query parameter in ...