8 matches found
Exploit for CVE-2025-4396
CVE-2025-4396 - WordPress Relevanssi Time-Based Blind SQL Inje...
EUVD-2019-18490
Malware in sbrugna...
EUVD-2016-10294
Malware in sbrugna...
CVE-2023-27481 Extract password hashes through export querying in directus
Directus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0 users with read access to the password field in directususers can extract the argon2 password hashes by brute forcing the export functionality combined with a startswith filter. This allow...
Code injection
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0...
CVE-2018-15357
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0...
IBM Lotus Domino R8 - Password Hash Extraction
Exploit Title: IBM Lotus Domino = R8 Password Hash Extraction Exploit Google Dork: inurl:names.nsf?opendatabase Date: 02-24-2016 Exploit Author: Jonathan Broche Contact: https://twitter.com/g0jhonny Vendor Homepage: https://www-01.ibm.com/software/lotus/category/messaging/ Tested on: Lotus Domino...
FLDS 1.2a Blind SQL Injection
FLDS 1.2a lpro.php id Blind SQL Injection Vulnerability + Discovered By SirGod + Greetz : All my friends + Blind SQL Injection - Get username : http://target/path/lpro.php?id=1 and asciisubstringSELECT username from users limit 0,1,1,196 Query is truepage loads normally.Going to next ascii char...