Lucene search
K

68 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/11/27 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-49103

ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo via GetPhpInfo.php, including administrative credentials...

10CVSS7.3AI score0.78428EPSS
Exploits5References1
0day.today
0day.today
added 2023/10/09 12:0 a.m.201 views

Online ID Generator 1.0 - Remote Code Execution Vulnerability

Title: Online ID Generator 1.0 - Remote Code Execution RCE Author: nu11secur1ty Vendor: https://www.youtube.com/watch?v=JdB9po5DTc Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/idgenerator0.zip Reference: https://portswigger.net/web-security/sql-injection...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/25 12:0 a.m.310 views

Grawlix CMS 1.1.1 Cross Site Scripting

============================================================================================================================ | Title : Grawlix Cms v1.1.1 xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://getgrawlix.com/ | | Dork : Powered by Th...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.173 views

WebTareas 2.4 - Remote Command Execution (Authorized) Vulnerability

Exploit Title: WebTareas 2.4 - RCE Authorized Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10 using XAMPP, Apache/2.4.4...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2023/01/27 2:42 p.m.11 views

MTN Group: PHP info page disclosure in ██████████

The PHP info page was disclosed, which provided detailed information about the system and PHP configuration, including the exact PHP version, operating system, and internal IP addresses...

6.9AI score
Exploits0
CVE
CVE
added 2022/12/12 5:54 p.m.54 views

CVE-2022-3881

CVE-2022-3881 concerns the WordPress WPTools plugin, affected versions before 3.43. The issue is improper authorization and CSRF in an AJAX action, allowing any authenticated user (e.g., a subscriber) to install and activate arbitrary plugins from wordpress.org. Root cause: missing CSRF/authoriza...

5.7CVSS5.6AI score0.00438EPSS
Exploits1References1Affected Software1
Hacker One
Hacker One
added 2021/10/04 8:17 a.m.50 views

Semrush: php info file and sql backup at vendor's subdomain

Researcher found open /phpinfo.php and sql backup from mvp app at vendor's subdomain. There was no sensitive data...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2021/02/04 8:6 a.m.13 views

grou.ps Improper Access Control vulnerability OBB-1802803

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| grou.ps ---|--- Open Bug Bounty Program...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2020/12/04 10:56 p.m.509 views

U.S. Dept Of Defense: PHP info page disclosure

Summary: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step-by-step Reproduction Instructions 1.Go to https://███████phpinfo Impact An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version...

1.1AI score
Exploits0
Hacker One
Hacker One
added 2020/12/03 5:23 a.m.26 views

MTN Group: PHP Info Exposing Secrets at https://radio.mtn.bj/info

Summary: During recon I discovered a PHP Info file exposing environment variables such as; Laravel APPKEY, Database username/password, SMTP username/password, etc. Steps To Reproduce: Visit the following URL; https://radio.mtn.bj/info You will be presented with a PHP Info file exposing environmen...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2019/05/30 8:58 p.m.25 views

Unikrn: multiple vulnerabilities on your mautic server

Hi @unikrn! I found some vulnerabilities in you crm server: 1. By pass Cloudflare access: You Use Cloudflare Access on https://crm.unikrn.com . BUt this link bypassed Cloudflare Access: ████████/login This vulnerability generates the disclosure of important data: PHP info page: ██████████phpinfo ...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/12 12:0 a.m.93 views

ThinkPHP 5.x Remote Code Execution

Exploit Title: ThinkPHP 5.x v5.0.23,v5.1.31 Remote Code Execution Date: 2018-12-11 Exploit Author: VulnSpy Vendor Homepage: https://thinkphp.cn Software Link: https://github.com/top-think/framework/ Version: v5.x below v5.0.23,v5.1.31 CVE: N/A Exploit...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2018/09/17 4:5 p.m.20 views

Mail.ru: [moba.my.com] phpinfo, logs

PHP info and fragment of access logs were available...

1.8AI score
Exploits0
Packet Storm
Packet Storm
added 2018/01/04 12:0 a.m.34 views

Boost My Campaign 1.1 Information Disclosure

======================================================================================================= | Title : Boost My Campaign 1.1 Unauthenticated Administrative Access Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais V.Pro | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/11 12:0 a.m.35 views

WordPress W3 Total Cache 0.9.4.1 Race Condition

------------------------------------------------------------------------ Information disclosure race condition in W3 Total Cache WordPress Plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2016/09/05 5:28 p.m.26 views

Boozt Fashion AB: PHP info page disclosure on http://www.day.dk/

Hi, Boozt team. Description: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step to reproduce: 1. Go to http://www.day.dk/check.php An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/05/12 12:0 a.m.21 views

蝉知CMS5.3 CRSF getshell

简要描述: 蝉知CMS5.3 CRSF getshell 详细说明: /system/module/package/control.php public function upload$type = 'extension' $this-view-canManage = array'result' = 'success'; if!$this-loadModel'guarder'-verify $this-view-canManage = $this-loadModel'common'-verifyAdmin; if$SERVER'REQUESTMETHOD' == 'POST'...

7AI score
Exploits0
CNVD
CNVD
added 2015/03/12 12:0 a.m.6 views

Zeuscart Information Disclosure Vulnerability

ZeusCart is an open source shopping system based on PHP and MySQL designed for small and medium-sized online stores. A security vulnerability exists in ZeusCart version 4. A remote attacker can exploit the vulnerability to obtain configuration information by calling the 'phpinfo' function in admi...

5CVSS6.8AI score0.08399EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/11/13 12:0 a.m.33 views

Drupal < 7.32 Pre Auth SQL Injection

No description provided by source. ?php // // / / / // / / // \ / / /// / / / / / / / / / // / / / , / // / // / / / / // / / / // ////||//// ///// /// // Poc for Drupal Pre Auth SQL Injection - c 2014 SektionEins // // created by Stefan Horst [email protected] // and Stefan Esser...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Hiverr 2.2 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Hiverr v2.2 Multiple Vulnerabilities Date: 05.02.2013 Author: xStarCode Exploit Author: xStarCode Version: 2.2 Category: webapps Google Dork: Tested on: Linux Exploit: -----Index Vulnerabilities: == SQL Injections...

7.1AI score
Exploits0
Rows per page
Query Builder