12 matches found

NVD
added 2021/12/22 7:15 p.m., 9 views

CVE-2021-21919

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at 'ord' parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack...

7.7 CVSS, 0.01793 EPSS
Exploits 1, References 1
OSV
added 2021/12/22 7:15 p.m., 0 views

CVE-2021-21919

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at 'ord' parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack...

4.9 CVSS, 6.6 AI score, 0.01793 EPSS
Exploits 1, References 1
Openbugbounty
added 2021/10/23 3:16 a.m., 8 views

ord-ua.com Improper Access Control vulnerability OBB-2198721

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1 AI score
Exploits 0
Exploit DB
added 2019/01/28 12:0 a.m., 125 views

ResourceSpace 8.6 - 'collection_edit.php' SQL Injection

Exploit Title: ResourceSpace &redirect=yes&ref=3620&submitted=true&name=PWNED&keywords=&copy=&save=%C2%A0%C2%A0Save%C2%A0%C2%A0'...

7.4 AI score
Exploits 0
hackapp
added 2017/05/19 10:47 a.m., 20 views

EZMCOM ORD - Certificates or keys found, Customized SSL, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application EZMCOM ORD published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits 0, References 1, Affected Software 1
seebug.org
added 2014/09/15 12:0 a.m., 39 views

Maccms V8 latest version SQL injection (regardless of GPC)

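Brief description: The program was just downloaded from the official site; confirmed not a duplicate. It is particularly interesting to exploit. Detailed description: Apple CMS uses the be function to get parameters function be$mode,$key,$sp=',' iniset"magicquotesruntime", 0; $magicq= getmagicquotesgpc; switch$mode case 'post': $res=isset$POST$key ? $magicq?$POST$key:@addslashes$POST$key : ''; break; case 'get': $res=isset$GET$key ?...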

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 19 views

Savant 3.1 Web Server Overflow

No description provided by source. $Id: savant31overflow.rb 10546 2010-10-04 20:53:51Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

7.1 AI score
Exploits 0
Exploit DB
added 2010/10/04 12:0 a.m., 55 views

Savant Web Server 3.1 - Remote Overflow (Metasploit)

$Id: savant31overflow.rb 10546 2010-10-04 20:53:51Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5 CVSS, 7 AI score, 0.6911 EPSS
Exploits 4
Metasploit
added 2010/07/27 2:25 a.m., 13 views

EasyFTP Server list.html path Stack Buffer Overflow

This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing the 'path' parameter supplied to an HTTP GET request, which leads to a stack based buffer overflow. EasyFTP allows anonymous access by default; valid credentia...

7.5 AI score
Exploits 0
Exploit DB
added 2010/02/23 12:0 a.m., 50 views

Joomla! Component user_id com_sqlreport - Blind SQL Injection

» Joomla Component userid comsqlreport Blind SQL Injection Vulnerability » Script: Joomla » Language: PHP » Founder: Snakespc...

7.4 AI score
Exploits 0
Metasploit
added 2007/10/03 12:17 p.m., 34 views

Savant 3.1 Web Server Overflow

This module exploits a stack buffer overflow in Savant 3.1 Web Server. The service supports a maximum of 10 threads for a default install. Each exploit attempt generally causes a thread to die whether successful or not. Therefore, in a default configuration, you only have 10 chances. Due to the...

7.5 CVSS, 0.2 AI score, 0.6911 EPSS
Exploits 4
Cvelist
added 2005/11/21 11:0 a.m., 15 views

CVE-2004-2553

The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument...

6.2 AI score, 0.01169 EPSS
Exploits 0, References 7