CVE-2022-46169 Unauthenticated Command Injection

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

Ubuntu: Security Advisory (USN-55-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Matrimonial PHP Script 1.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Matrimonial PHP Script 1.0 SQL Injection Vulnerability

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr │ │ : │ Website : uisort.com │ │ │ │ Vendor : Uisort Technologies Pvt. Ltd. │ │ │...

Marty Marketplace Multi Vendor Ecommerce Script 1.2 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

CVE-2017-20128

A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit h...

CVE-2017-20128

KB Messages PHP Script 1.0 is affected by an unauthenticated SQL injection vulnerability. The issue arises from improper handling of the username/password inputs, where the payload 'or''=' enables injection. It is exploitable remotely and the exploit has been publicly disclosed, making active exp...

CVE-2017-20128 KB Messages PHP Script sql injection

A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit h...

CVE-2017-20128 KB Messages PHP Script sql injection

A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit h...

The vulnerability of the SEPCOS Single Package control and protection system from Secheron SEPCOS allows a intruder to trigger a system reboot.

The vulnerability of the SEPCOS Single Package control and protection relay software is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow an attacker, operating remotely, to trigger a system reboot by executing the JS functi...

CAPTCHA 4WP < 7.1.0 - Local File Inclusion via CSRF

The plugin lets user input reach a sensitive requireonce call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server. 1 Create a malicious PHP script $ echo ' shell.php 2 Add it to a fake .doc file, who will...

CVE-2022-1667

Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC e.g., from the browser console or by loading the corresponding, browser accessible PHP script...

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

The Parrot traffic direction system TDS that came to light earlier this year has had a larger impact than previously thought, according to new research. Sucuri, which has been tracking the same campaign since February 2019 under the name "NDSW/NDSX," said that "the malware was one of the top...

CVE-2022-30352

phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "authuser" parameter in index.php script...

CVE-2021-42643

cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...

Remote code execution

cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...

Car Portal Template Cross Site Scripting

Document Title: =============== Car Portal Template - Search Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2299 Release Date: ============= 2022-02-08 Vulnerability Laboratory ID VL-ID: ====================================...

Car Portal Template - (Search) Persistent Web Vulnerability

Document Title: =============== Car Portal Template - Search Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2299 Release Date: ============= 2022-02-08 Vulnerability Laboratory ID VL-ID: ====================================...

uBidAuction 2.0.1 Cross Site Scripting Vulnerability

Document Title: =============== uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities Product & Service Introduction: =============================== uBidAuction is a powerful, scalable & fully-featured classic and bid auction software that lets create the ultimate profitable online auctions...