10 matches found
EUVD-2009-0754
Malware in sbrugna...
CVE-2023-47127
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In TYPO3 installations there are always at least two different sites, e.g. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the...
TYPO3 8.0.0 < 8.7.55 ELTS / 9.0.0 < 9.5.44 ELTS / 10.0.0 < 10.4.41 ELTS / 11.0.0 < 11.5.33 / 12.0.0 < 12.4.8 (TYPO3-CORE-SA-2023-006)
The version of TYPO3 installed on the remote host is prior to 8.0.0 < 8.7.55 ELTS / 9.0.0 < 9.5.44 ELTS / 10.0.0 < 10.4.41 ELTS / 11.0.0 < 11.5.33 / 12.0.0 < 12.4.8. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-006 advisory. - Given that there are at least two...
Rate Limiting Logic Error
MediaWiki is vulnerable to rate limiting logic error. Rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can still be made across many wikis/sites concurrently...
Dirhunt - Find Web Directories Without Bruteforce
Dirhunt is a web crawler optimized for searching and analyzing directories. This tool can find interesting things if the server has the "index of" mode enabled. Dirhunt is also useful if the directory listing is not enabled. It detects directories with false 404 errors, directories where an empty inde...
shard - A Command Line Tool To Detect Shared Passwords
A command line tool to detect shared passwords
Usage
List options:
$ java -jar shard-1.2.jar --help
Shard 1.2
Usage: java -jar shard-1.2.jar options
  -u, --username Username to test
  -p, --password Password to test
  -f, --file File containing a set of credentials
  --format The format of the...
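SQL Injection Vulnerability in a Widely Used Education Website Application
Brief description: SQL injection vulnerability in a widely used education website application. Details: Very widely deployed. http://www.dlwsxx.com/ws2004/model/login1.asp http://www.fzjcxx.cn/ws2004/model/login1.asp http://www.nxyancgjzx.com/ws2004/model/login1.asp http://www.sgtjb.com/ws2004/model/login1.asp http://www.sdwhys.com/ws2004/model/login1.asp...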
MyBB Ajax Chat SQL Vulnerability
Dork: intitle:MyBB Ajax Chat http://server/chatframe.php?rs=getChats&rsargs=" http://wolf-den.net/forums/chatframe.php?rs=getChats&rsargs=" http://www.cycle-soft.com/forum/chatframe.php?rs=getChats&rsargs=" http://www.forofusion.com/chatframe.php?rs=getChats&rsargs="...
Evernote hacked, reset your password Now!
Cloud note-taking service Evernote has been hacked and now you have to reset your password immediately. According to a post on the official Evernote blog, an unidentified attacker compromised the servers and extracted usernames, email addresses, and passwords. "Evernote's Operations & Security team...
baserCMS vulnerable to session management
Overview: baserCMS contains a vulnerability in session management. baserCMS is an open-source Contents Management System (CMS). baserCMS contains a vulnerability in session management. Impact: If a web server is hosting several websites, and baserCMS is installed on the respective websites, an...