Sourcecodester Pisay Online E-Learning System SQL Injection Vulnerability (CNVD-2021-95936)

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. Sourcecodester Pisay Online E-Learning System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in a database-based...

Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated)

Exploit Title: Simple Employee Records System 1.0 - File Upload RCE Unauthenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11393/employee-records-system.html Software Link:...

Medium: gd

Issue Overview: An integer overflow, leading to a heap-based buffer overflow was found in the imagecreatefromgd2 function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application,...

Debian DLA-2345-1 : php7.0 security update

It was discovered that there was a use-after-free vulnerability when parsing PHAR files, a method of putting entire PHP applications into a single file. For Debian 9 'Stretch', this problem has been fixed in version 7.0.33-0+deb9u9. We recommend that you upgrade your php7.0 packages. For the...

Lexiglot SQL Injection Vulnerability

Lexiglot is a translation platform written in PHP by the French software developer Damien Sorel. A SQL injection vulnerability exists in Lexiglot versions 2014-11-20 and earlier. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications...

WordPress < 5.4.1

WordPress versions 5.4.0 and earlier are affected by multiple vulnerabilities. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory wordpress-5-4-1. include'compat.inc'; if description scriptid136179;...

Drupal 7.x < 7.13 Multiple Vulnerabilities

The remote web server is running a PHP application that is affected by a cross-site request forgery vulnerabilit. A csrf vulnerability exists allowing remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. CVE-2007-6752...

Huawei EulerOS: Security Advisory for file (EulerOS-SA-2019-1424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.1.0 : file (EulerOS-SA-2019-1424)

According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the File Information fileinfo extension rules for detecting AWK files. A remote attacker coul...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)

FreeSMS 2.1.2 - SQL Injection Authentication Bypass Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps...

Web Wiz Forums 12.01 Database Disclosure

Exploit Title : Web Wiz Forums 12.01 Database Backup Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 26/02/2019 Vendor Homepage : webwiz.net Software Download Link : webwiz.net/web-wiz-forums/forum-downloads.htm Software Information Link :...

SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP

SSRF protocol smuggling involves an attacker injecting one TCP protocol into a dissimilar TCP protocol. A classic example is using gopher i.e. the first protocol to smuggle SMTP i.e. the second protocol: 1 |...

Joomla! < 3.8.12 Multiple Vulnerabilities

According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.8.12. It is, therefore, affected by malicious file upload and stored cross-site scripting vulnerabilities. Additionally, versions 3.7.0 through 3.8.11 are affected by an access...

WordPress < 4.9.7 Arbitrary File Deletion Vulnerability

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.7. It is, therefore, affected by an arbitrary file deletion vulnerability that can lead to remote code execution. C Tenable Network Security, Inc. include'compat.inc'; if...

UserPro Plugin for WordPress up_auto_log Parameter Remote Authentication Bypass

The UserPro Plugin for WordPress running on the remote web server is prior to version 4.9.17.1 It is, therefore, affected by a remote authentication bypass vulnerability. A remote, unauthenticated attacker can exploit this vulnerability, via a specially crafted request, to login as an...

biotuintilburg.nl XSS vulnerability

Open Bug Bounty ID: OBB-620933 Description| Value ---|--- Affected Website:| biotuintilburg.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI

"ProjectPier is a Free, Open-Source, PHP application for managing tasks, projects and teams through an intuitive web interface." https://github.com/Project-Pier https://sourceforge.net/projects/projectpier/ I reached out to the vendor via several channels to report the findings below, but receive...

Remote Code Execution (RCE)

drupal/core is vulnerable to remote code execution RCE attacks. The vulnerability exists due to the lack of sanitization applied to URL endpoints where array objects can be supplied to request parameters, allowing a potential compromise of the PHP application, and even the underlying operating...

WordPress < 2.8.3 'wp-admin' Multiple Security Bypass Vulnerabilities

According to its self-reported version number, the WordPress application running on the remote web server is prior to 2.8.3. It is, therefore, affected by multiple security bypass vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...