268 matches found
House Rental 1.0 SQL Injection Exploit
Exploit for php platform in category web applications Exploit Title: House Rental v1.0 - PDO Bypass SQL Injection - Unauthenticated Code Execution - Change Admin Password Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: https://projectworlds.in Software Link:...
Car Rental Management System 1.0 Remote Code Execution
Exploit Title: Car Rental Management System v1.0 - Unauthenticated RCE Exploit Author: Adeeb Shah @hyd3sec Shout out: Bobby Cooke boku Date: August 3, 2020 Vendor Homepage: https://projectworlds.in Software Link:...
Stock Management System 1.0 Cross Site Scripting
Exploit Title: Stock Management System v1.0 - Cross-Site Scripting Credential Harvester Login-Portal Exploit Author: Bobby Cooke Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...
Medium: python27, python34, python35, python36
Issue Overview: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic...
Medium: python26
Issue Overview: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic...
Amazon Linux AMI : python27 (ALAS-2020-1375)
The version of python27 installed on the remote host is prior to 2.7.18-1.137. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1375 advisory. http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly valida...
Gym Management System 1.0 - Unauthenticated Remote Code Execution
Exploit Title: Gym Management System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-05-21 Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/gym-management-system-project-in-php/ Version: 1.0 Tested On:...
python27:2.7 security, bug fix, and enhancement update
...
Moderate: Red Hat Security Advisory: python27:2.7 security, bug fix, and enhancement update
An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
python27:2.7 security, bug fix, and enhancement update
An update is available for python-pymongo, python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-requests, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet,...
RLSA-2020:1605 Moderate: python27:2.7 security, bug fix, and enhancement update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Working Exploit PoC CVE-202...
Astra - Automated Security Testing For REST API's
REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically...
CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...
PythonAESObfuscate - Obfuscates A Python Script And The Accompanying Shellcode
Pythonic way to load shellcode. Builds an EXE for you too! Usage Place a payload.bin raw shellcode file in the same directory. Default Architecture is x86 run python obfuscate.py Default output is out.py Requirements Windows Python 2.7 Pyinstaller PyCrypto PyCryptodome didn't seem to work Downloa...
qdPM 9.1 Remote Code Execution
Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...
qdPM 9.1 - Remote Code Execution
qdPM 9.1 - Remote Code Execution Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-managemen...
qdPM 9.1 - Remote Code Execution
Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...
Domain Quester Pro 6.02 Stack Overflow
Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...
FTP Commander Pro 8.03 - Local Stack Overflow
FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...