Lucene search
K

9 matches found

Packet Storm
Packet Storm
added 2024/09/09 12:0 a.m.181 views

POMS 1.0 Insecure Settings

============================================================================================================================================= | Title : POMS v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/09 12:0 a.m.348 views

POMS PHP 1.0 SQL Injection / Shell Upload

Titles: POMS-PHP-by oretnom23 -v1.0-FU-SQLi-RCE-HAT.TRICK 1. SQLi Bypass Authentication 2. File Upload 3. RCE Latest update from the vendor: 5 hours 32 minutes ago Author: nu11secur1ty Date: 05/07/2024 Vendor: https://github.com/oretnom23 Software:...

7.4AI score
Exploits0
Prion
Prion
added 2023/08/21 7:15 a.m.24 views

Design/Logic Flaw

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

6.4CVSS8.3AI score0.01855EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/21 6:55 a.m.18 views

CVE-2022-46751 Apache Ivy: XML External Entity vulnerability in Apache Ivy

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.4AI score0.01855EPSS
Exploits0References5
Nuclei
Nuclei
added 2023/06/05 7:3 a.m.15 views

Purchase Order Management v1.0 - SQL Injection

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. id: CVE-2021-40908 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity:...

9.8CVSS10AI score0.02534EPSS
Exploits1References3
Nuclei
Nuclei
added 2023/06/05 7:3 a.m.11 views

Purchase Order Management v1.0 - SQL Injection

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php. id: CVE-2023-29622 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...

9.8CVSS10AI score0.01657EPSS
Exploits1References4
Nuclei
Nuclei
added 2023/06/05 7:3 a.m.19 views

Purchase Order Management v1.0 - SQL Injection

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier. id: CVE-2022-28023 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...

9.8CVSS9.9AI score0.03008EPSS
Exploits1References5
0day.today
0day.today
added 2021/09/10 12:0 a.m.197 views

POMS-PHP 1.0 SQL Injection Exploit

Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Vendor: https://www.sourcecodester.com/user/257130/activity Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/09 12:0 a.m.161 views

POMS-PHP 1.0 SQL Injection

Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 09.09.2021 Vendor: https://www.sourcecodester.com/user/257130/activity Link:...

Exploits0
Rows per page
Query Builder