CVE-2020-24057

The management website of the Verint S5120FD VerintFW042 unit features a CGI endpoint 'ipfilter.cgi' that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as...

EUVD-2022-48392

Malicious code in bioql PyPI...

Future-Depth Institutional Management Website 代码问题漏洞

Future-Depth Institutional Management Website is a user-friendly institutional website from the individual developers at Future-Depth that offers various types of courses for students. A security vulnerability exists in Future-Depth Institutional Management Website IMS version 1.0. An attacker...

CVE-2021-41433

SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php...

ZTE ZXEN CG200 Denial of Service Vulnerability

The ZTE ZXEN CG200 is a government and enterprise gateway device from China's ZTE Corporation ZTE. A denial of service vulnerability exists in ZXEN CG200 V1.0.0P1N5M and previous versions, which stems from improper handling of a large number of message requests. An attacker can exploit the...

zbzcms arbitrary file upload vulnerability

zbzcms station helper CMS is a content management website of China station helper CMS zbzcms company. zbzcms version 1.0 has an arbitrary file upload vulnerability, which can be exploited by attackers to execute arbitrary code via specially crafted PHP files...

financieel-management.nl Cross Site Scripting vulnerability OBB-2367605

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Sourcecodester Online Event Booking and Reservation System HTML Injection Vulnerability

Sourcecodester Online Event Booking and Reservation System is developed using PHP, MySQL database, HTML, CSS, Javascript, Bootstrap and AdminLTE. The system can be accessed by three types of users, namely system administrators, students and teachers. Sourcecodester Online Event Booking and...

claim-management.ch XSS vulnerability

Open Bug Bounty ID: OBB-663851 Description| Value ---|--- Affected Website:| claim-management.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

claim-management.ch XSS vulnerability

Open Bug Bounty ID: OBB-636492 Description| Value ---|--- Affected Website:| claim-management.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

zest-management.com XSS vulnerability

Open Bug Bounty ID: OBB-293168 Description| Value ---|--- Affected Website:| zest-management.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure

Introduction to the PoC : ====================================================================== In this distribution, the managment website is a binary file named "kerbynet" interpreted in cgi-bin directory here : /cdrom/usr/local/apache2/cgi-bin/kerbynet So all url look like this :...