252 matches found
Employee Management System 1.0 - Cross Site Scripting (Stored)
Exploit Title: Employee Management System 1.0 - Stored Cross Site Scripting Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...
Employee Management System 1.0 SQL Injection
Exploit Title: Employee Management System 1.0 - Authentication Bypass Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists as a flaw was found in the Xen PAL emulation on Intel 64 platforms. A guest Hardware-assisted virtual machine HVM could read the arbitrary physical memory of the host system, which could make information available to...
pal-pscd.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1090162 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
A week in security (January 20 – 26)
Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes...
Express Invoice 7.12 - (Customer) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 C...
libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c
A vulnerability was found in LibTIFF, where an out-of-bounds write in the cpTags function in tools/tiff2bw.c and tools/pal2rgb.c could lead to a denial of service., anattacker could exploit this flaw by convincing a victim to open a specially crafted file, potentially causing the application to...
CVE-2018-5892
The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear...
Code injection
The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear...
CVE-2018-5892
The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear...
CVE-2018-5892
CVE-2018-5892 concerns Touch Pal on Snapdragon Mobile and Snapdragon Wear where the app can collect user behavior data without user awareness. The NVD entry lists a NETWORK attack vector with low attack complexity and no user interaction required, and indicates partial confidentiality impact alon...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
/ Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f polymorphic.nasm global start section .text start: add esi, 0x30 ;junk xor ecx, ecx mul ecx mov dword esp-4, ecx...
Hello Pal: Talk to the World - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Hello Pal: Talk to the World published at the 'play' market has multiple vulnerabilities...
Google Youtube - Filter Bypass & Persistent Vulnerability
Document Title: =============== Google Youtube - Filter Bypass & Persistent Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1352 Google Security ID: 9-5942000004564 View: https://www.youtube.com/watch?v=656LM9zGLxc Article:...
BLOG:CMS <= 4.1.3 (NP_UserSharing.php) Remote Inclusion Vulnerability
No description provided by source. BLOG:CMS Remote file include Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] global $DIRADMIN; include...
else if cms 0.6 - Multiple Vulnerabilities / exploit
No description provided by source. ELSEIF CMS Tested on Else If version Beta 0.6 Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] These Are Examples .. iam tiered fetching the injected files : Remote File inclusion...
UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? // UBB.threads Multiple input validation error // Discovered By : HACKERS PAL // Copy rights : HACKERS PAL // Website : http://www.soqor.net // Email Address : [email protected] // Tested on Version 6 6.5.1.1 and other...
Specialist Bed and Breakfast Website SQL Injection Vulnerability
No description provided by source. Exploit Title: Specialist Bed and Breakfast website SQL injection Vulnerability Date: 30/06/2010 Author: JaMbA Script url: http://www.internetdm.co.uk/site/pages.php?fid=0,1,356 Version: N/A Tested on: Windows CVE : :::::::::::::::::::::::::...
2DayBiz photo sharing script SQL injection Vulnerability
No description provided by source. Exploit Title: photo sharing script SQL injection Vulnerability Date: 24/06/2010 Author: JaMbA Script url: http://www.2daybiz.com/photosharingscript.html Version: N/A Tested on: Windows CVE : ::::::::::::::::::::::::: :::::::::::::::::::::::::...
torrenttrader classic 1.07 Multiple Vulnerabilities
No description provided by source. TorrentTrader Classic Mutiple Remote vulnerabilities Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on TorrentTrader Classic v1.07 local file inclusion...